论文部分内容阅读
Combating DDoS attacks at their sources is still in its infancy.In this paper,a nonparametric adaptive CUSUM (cumulative sum) method is presented,which is proven efficient in detecting SYN flooding attacks close to their sources.Different from other CUSUM methods,this new method has two distinct features:① its detection threshold can adapt itself to various traffic conditions and ② it can timely detect the end of an attack within a required delay.Trace-driven simulations are conducted to validate the efficacy of this method in detecting SYN flooding attacks,and the results show that the nonparametric adaptive CUSUM method excels in detecting low-rate attacks.
Combating DDoS attacks at their sources is still in its infancy. This paper, a nonparametric adaptive CUSUM (cumulative sum) method is presented, which is proven efficient in detecting SYN flooding attacks close to their sources. Different from other CUSUM methods, this new method has two distinct features: ① its detection threshold can adapt itself to various traffic conditions and ② it can timely detect the end of an attack within a required delay. Trace-driven simulations are conducted to validate the efficacy of this method in detecting SYN flooding attacks, and the results show that the nonparametric adaptive CUSUM method excels in detecting low-rate attacks.