A HMM-R Approach to Detect L-DDoS Attack Adaptively on SDN Controller
AbstractA data center network is vulnerable to suffer from concealed low-rate distributed denial of service (L-DDoS) attacks because its data flow has the characteristics of data flow delay, diversity, and synchronization. Several studies have proposed addressing the detection of L-DDoS attacks, most of them are only detect L-DDoS attacks at a fixed rate. These methods cause low true positive and high false positive in detecting multi-rate L-DDoS attacks. Software defined network (SDN) is a new network architecture that can centrally control the network. We use an SDN controller to collect and analyze data packets entering the data center network and calculate the Renyi entropies base on IP of data packets, and then combine them with the hidden Markov model to get a probability model HMM-R to detect L-DDoS attacks at different rates. Compared with the four common attack detection algorithms (KNN, SVM, SOM, BP), HMM-R is superior to them in terms of the true positive rate, the false positive rate, and the adaptivity. View Full-Text
Share & Cite This Article
Wang, W.; Ke, X.; Wang, L. A HMM-R Approach to Detect L-DDoS Attack Adaptively on SDN Controller. Future Internet 2018, 10, 83.
Wang W, Ke X, Wang L. A HMM-R Approach to Detect L-DDoS Attack Adaptively on SDN Controller. Future Internet. 2018; 10(9):83.Chicago/Turabian Style
Wang, Wentao; Ke, Xuan; Wang, Lingxia. 2018. "A HMM-R Approach to Detect L-DDoS Attack Adaptively on SDN Controller." Future Internet 10, no. 9: 83.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.