Next Article in Journal / Special Issue
Network Forensics Method Based on Evidence Graph and Vulnerability Reasoning
Previous Article in Journal
ODK Scan: Digitizing Data Collection and Impacting Data Management Processes in Pakistan’s Tuberculosis Control Program
Previous Article in Special Issue
Cyber Conflicts as a New Global Threat
Article Menu

Export Article

Open AccessArticle
Future Internet 2016, 8(4), 52;

A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target Detection

CyberSecurity Lab, Posts and Telecommunications Institute of Technology, Hanoi 100000, Vietnam
VNPT Software, Hanoi 100000, Vietnam
Author to whom correspondence should be addressed.
Academic Editor: Jiankun Hu
Received: 18 September 2016 / Revised: 19 October 2016 / Accepted: 20 October 2016 / Published: 25 October 2016
(This article belongs to the Special Issue Cyber Warfare)
Full-Text   |   PDF [568 KB, uploaded 25 October 2016]   |  


On the high-speed connections of the Internet or computer networks, the IP (Internet Protocol) packet traffic passing through the network is extremely high, and that makes it difficult for network monitoring and attack detection applications. This paper reviews methods to find the high-occurrence-frequency elements in the data stream and applies the most efficient methods to find Hot-IPs that are high-frequency IP addresses of IP packets passing through the network. Fast finding of Hot-IPs in the IP packet stream can be effectively used in early detection of DDoS (Distributed Denial of Service) attack targets and spreading sources of network worms. Research results show that the Count-Min method gives the best overall performance for Hot-IP detection thanks to its low computational complexity, low space requirement and fast processing speed. We also propose an early detection model of DDoS attack targets based on Hot-IP finding, which can be deployed on the target network routers. View Full-Text
Keywords: DDoS attack detection; Count-Min; Count-Sketch; Group Testing DDoS attack detection; Count-Min; Count-Sketch; Group Testing

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).

Share & Cite This Article

MDPI and ACS Style

Hoang, X.D.; Pham, H.K. A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target Detection. Future Internet 2016, 8, 52.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics



[Return to top]
Future Internet EISSN 1999-5903 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top