Detection of the botnets’ low-rate DDoS attacks based on self-similarity

Detection of the botnets’ low-rate DDoS attacks based on self-similarity

An article presents the approach for the botnets’ low-rate a DDoS-attacks detection based on the botnet’s behavior in the network. Detection process involves the analysis of the network traffic, generated by the botnets’ low-rate DDoS attack. Proposed technique is the part of botnets detection syste...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:International journal of electrical and computer engineering (Malacca, Malacca) Malacca), 2020-08, Vol.10 (4), p.3651
Hauptverfasser: Lysenko, Sergii, Bobrovnikova, Kira, Matiukh, Serhii, Hurman, Ivan, Savenko, Oleg
Format: Artikel
Sprache:eng
Schlagworte:
Communications traffic
Denial of service attacks
Malware
Self-similarity
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:An article presents the approach for the botnets’ low-rate a DDoS-attacks detection based on the botnet’s behavior in the network. Detection process involves the analysis of the network traffic, generated by the botnets’ low-rate DDoS attack. Proposed technique is the part of botnets detection system – BotGRABBER system. The novelty of the paper is that the low-rate DDoS-attacks detection involves not only the network features, inherent to the botnets, but also network traffic self-similarity analysis, which is defined with the use of Hurst coefficient. Detection process consists of the knowledge formation based on the features that may indicate low-rate DDoS attack performed by a botnet; network monitoring, which analyzes information obtained from the network and making conclusion about possible DDoS attack in the network; and the appliance of the security scenario for the corporate area network’s infrastructure in the situation of low-rate attacks.
ISSN:2088-8708
2722-2578
2088-8708
DOI:10.11591/ijece.v10i4.pp3651-3659