摘要
In Distributed Denial-of-Service (DDoS) Attack, an attacker breaks into many innocent computers (called zombies). Then, the attacker sends a large number of packets from zombies to a server, to prevent the server from conducting normal business operations. We design a DDoS-detection system based on a decision-tree technique and, after detecting an attack, to trace back to the attacker's locations with a traffic-flow pattern-matching technique. Our system could detect DDoS attacks with the false positive ratio about 1.2-2.4%, false negative ratio about 2-10%, and find the attack paths in traceback with the false negative rate 8-12% and false positive rate 12-14%.
| 原文 | English |
|---|---|
| 頁(從 - 到) | 121-136 |
| 頁數 | 16 |
| 期刊 | International Journal of Ad Hoc and Ubiquitous Computing |
| 卷 | 7 |
| 發行號 | 2 |
| DOIs | |
| 出版狀態 | Published - 3月 2011 |