DDoS Detection Through Recurrence Analysis Based on the Extraction of Dynamic Features

  • Marcelo Antonio Righi UFSM
  • Raul Ceretta Nunes UFSM

Abstract


With the increasing number of Distributed Denial of Service (DDoS) attacks, detecting them has become essential to maintaining the reliability of institutions that use the internet. To this end, different algorithms have been used to analyze network traffic, such as neural networks, decision trees, principal component analysis and others. However, these algorithms do not use dynamic features to classify network traffic. This article proposes using Recurrence Quantification Analysis, based on the extraction of dynamic features, combined with the A-Kmeans clustering algorithm to perform traffic classification. The results confirm the accuracy of the model, which reached a minimal number of false alarms when tested with the CAIDA data set.

Published
09/11/2015
RIGHI, Marcelo Antonio; NUNES, Raul Ceretta. Detecção de DDoS Através da Análise da Recorrência Baseada na Extração de Características Dinâmicas. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 15., 2015, Florianópolis. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2015. p. 314-317. DOI: https://doi.org/10.5753/sbseg.2015.20104.