Frontiers of Computer Science

ISSN 2095-2228

ISSN 2095-2236(Online)

CN 10-1014/TP

Postal distribution code 80-970

2019 Impact Factor: 1.275

Frontiers of Computer Science  2022, Vol. 16 Issue (6): 166821   https://doi.org/10.1007/s11704-022-0486-1
An approach for detecting LDoS attack based on cloud model
Wei SHI, Dan TANG, Sijia ZHAN, Zheng QIN, Xiyin WANG
The College of Computer Science and Electronic Engineering, Hunan University, Changsha 410082, China
Abstract

Cybersecurity has always been the focus of Internet research. An LDoS attack is an intelligent type of DoS attack that reduces the quality of network service by periodically sending high-speed but short-pulse attack traffic. Because of its concealment and low average rate, traditional DoS attack detection methods struggle to be effective against it. Existing LDoS attack detection methods generally suffer from high FPR and FNR. A cloud model-based LDoS attack detection method is proposed, in which a classifier based on SVM is used to train and classify the feature parameters. The detection method is verified and tested on the NS2 simulation platform and in a Test-bed network environment. Compared with existing research results, the proposed method requires fewer samples and has lower FPR and FNR.

Key words: cybersecurity, LDoS attack, cloud model, SVM
Received: 2020-09-30      Published: 2022-01-28
Corresponding Author(s): Wei SHI   
Cite this article:
Wei SHI, Dan TANG, Sijia ZHAN, Zheng QIN, Xiyin WANG. An approach for detecting LDoS attack based on cloud model. Front. Comput. Sci., 2022, 16(6): 166821.
Link to this article:
https://academic.hep.com.cn/fcs/CN/10.1007/s11704-022-0486-1
https://academic.hep.com.cn/fcs/CN/Y2022/V16/I6/166821
| Notation | Description |
|---|---|
| LDoS | Low-rate denial of service |
| DoS | Denial of service |
| SVM | Support vector machine |
| TCP | Transmission control protocol |
| LDDoS | Low-rate distributed denial of service |
| ROC | Receiver operating characteristic |
| KNN | K nearest neighbor |
| FPR | False positive rate |
| FNR | False negative rate |
| NS2 | Network simulator 2 |
| UDP | User datagram protocol |
| Ex | Expected value |
| En | Entropy |
| He | Hyper-entropy |
| CM1 | One-dimensional cloud model |
| CM2 | Two-dimensional cloud model |
Tab.1  
| Groups | T/s | L/s | R/Mbps |
|---|---|---|---|
| G1–G4 | 1 | 0.1 | [10–40] |
| G5–G8 | 1 | [0.2–0.5] | 20 |
| G9–G12 | [1–4] | 0.3 | 30 |
Tab.2  
| Parameter | Value |
|---|---|
| Sampling interval | 10 ms |
| Total sampling time | 3600 s |
| Number of experimental groups | 12 |
| The size of detection window | 2 s |
| Total time of each experiment | 300 s |
| Attack start and end time | 150–300 s |
| Number of detection windows per group | 150 |
Tab.3  
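| Groups | T/s | L/s | R/Mbps |
|---|---|---|---|
| G1 | 1 | 0.1 | 15 |
| G2 | 1 | 0.2 | 15 |
| G3 | 1 | 0.3 | 15 |
| G4 | 2 | 0.1 | 15 |
| G5 | 2 | 0.2 | 15 |
| G6 | 2 | 0.3 | 15 |
| G7 | 1 | 0.1 | 25 |
| G8 | 1 | 0.2 | 25 |
| G9 | 1 | 0.3 | 25 |
| G10 | 2 | 0.1 | 25 |
| G11 | 2 | 0.2 | 25 |
| G12 | 2 | 0.3 | 25 |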
Tab.4  
| Platform | Accuracy/% | F1/% | FPR/% | FNR/% |
|---|---|---|---|---|
| NS2 | 96.5 | 96.5 | 6.8 | 0.1 |
| Test-bed | 96.5 | 95.9 | 5.8 | 0 |
Tab.5  
| Model | Accuracy/% | F1/% | FPR/% | FNR/% |
|---|---|---|---|---|
| CM1 | 88.9 | 86.9 | 15.4 | 4.6 |
| CM2 | 96.5 | 95.9 | 5.8 | 0 |
Tab.6  
| Methods | Accuracy/% | F1/% | FPR/% | FNR/% |
|---|---|---|---|---|
| Random forest | 86.5 | 86.4 | 22.5 | 0.0 |
| KNN | 87.2 | 87.4 | 21.4 | 0.0 |
| Discriminant analysis | 89.3 | 90.6 | 17.8 | 0.0 |
| Decision tree | 87.4 | 87.2 | 20.7 | 0.4 |
| Our method | 96.2 | 95.5 | 6.3 | 0.0 |
Tab.7  
| Methods | Accuracy/% | FPR/% | FNR/% |
|---|---|---|---|
| Network multifractal [23] | 91 | 10 | 9 |
| Kalman filtering [35] | 89.6 | 12.6 | 10.4 |
| Our method | 96.5 | 5.8 | 0 |
Tab.8  
1 A Kuzmanovic, E W Knightly. Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants. In: Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. 2003, 75–86
2 Z Wu, W Li, L Liu, M Yue. Low-rate DoS attacks, detection, defense, and challenges: a survey. IEEE Access, 2020, 8: 43920–43943
3 Q Liu, Y Peng, J Wu, T Wang, G Wang. Secure multi-keyword fuzzy searches with enhanced service quality in cloud computing. IEEE Transactions on Network and Service Management, 2021, 18(2): 2046–2062
4 X Li, S Liu, F Wu, S Kumari, J J P C Rodrigues. Privacy preserving data aggregation scheme for mobile edge computing assisted IoT applications. IEEE Internet of Things Journal, 2019, 6(3): 4755–4763
5 W Liang, L Xiao, K Zhang, M Tang, D He, K C Li. Data fusion approach for collaborative anomaly intrusion detection in blockchain-based systems. IEEE Internet of Things Journal, 2021, https://doi.org/10.1109/JIOT.2021.3053842
6 S Patel, B Gupta, V Sharma. Throughput analysis of AQM schemes under low-rate Denial of service attacks. In: Proceedings of 2016 International Conference on Computing, Communication and Automation (ICCCA). 2016, 551–554
7 M U Rahman, Z U Rahman, M Fayaz, S Abbas, R K ShahSani. Performance analysis of TCP/AQM under low-rate denial-of-service attacks. In: Proceedings of 2016 International Conference on Inventive Computation Technologies. 2016, 1–5
8 Z Chen, T N D Pham, C K Yeo, B S Lee, C T Lau. FRRED: Fourier robust RED algorithm to detect and mitigate LDoS attacks. In: Proceedings of Zooming Innovation in Consumer Electronics International Conference. 2017, 13–17
9 K P Kaur, N Kaur, G Singh. Simulation and comparison of various queuing algorithms based on their performance using CPR approach in detection of LDDoS attacks. International Journal of Computer Applications, 2014, 93(10): 7–13
10 Y Cao, R Ji, L Ji, M Bao, L Tao, W Yang. Can multipath TCP be robust to Cyber Attacks? A measuring study of MPTCP with active queue management algorithms. Security and Communication Networks, 2021, 2021: 9963829
11 Y K Kwok, R Tripathi, Y Chen, K Hwang. HAWK: halting anomalies with weighted choking to rescue well-behaved TCP sessions from shrew DDoS attacks. In: Proceedings of the 3rd International Conference on Networking and Mobile Computing. 2005, 423–432
12 J Zhang, H P Hu, B Liu, X Chen. Method to counter LDoS attack based on the average length of packet in the queue. In: Proceedings of International Conference of China Communication and Technology. 2010, 418–421
13 C Zhang, Z Cai, W Chen, X Luo, J Yin. Flow level detection and filtering of low-rate DDoS. Computer Networks, 2012, 56(15): 3417–3431
14 Y Guo, H Duan, J Chen, F Miao. MAF-SAM: an effective method to perceive data plane threats of inter domain routing system. Computer Networks, 2016, 110: 69–78
15 Z Wu, M Yue, D Li, K Xie. SEDP-based detection of low-rate DoS attacks. International Journal of Communication Systems, 2015, 28(11): 1772–1788
16 P Cotae, M Kang, A Velazquez. Spectral analysis of low rate of denial of service attacks detection based on Fisher and Siegel tests. In: Proceedings of 2016 IEEE International Conference on Communications. 2016, 1–6
17 A Ain, M H Bhuyan, D K Bhattacharyya, J K Kalita. Rank correlation for low-rate DDoS attack detection: an empirical evaluation. International Journal of Network Security, 2016, 18(3): 474–480
18 Z Wu, J Jun, Y Meng. A particle filter-based approach for effectively detecting low-rate denial of service attacks. In: Proceedings of International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery. 2016, 86–90
19 Z J Wu, H T Zhang, M H Wang, B S Pei. MSABMS-based approach of detecting LDoS attack. Computers & Security, 2012, 31(4): 402–417
20 D Tang, L Tang, R Dai, J Chen, X Li, J J P C Rodrigues. MF-Adaboost: LDoS attack detection based on multi-features and improved Adaboost. Future Generation Computer Systems, 2020, 106: 347–359
21 M Yue, L Liu, Z Wu, M Wang. Identifying LDoS attack traffic based on wavelet energy spectrum and combined neural network. International Journal of Communication Systems, 2018, 31(2): e3449
22 D Tang, J Man, L Tang, Y Feng, Q Yang. WEDMS: an advanced mean shift clustering algorithm for LDoS attacks detection. Ad Hoc Networks, 2020, 102: 102145
23 Z Wu, L Zhang, M Yue. Low-rate DoS attacks detection based on network multifractal. IEEE Transactions on Dependable and Secure Computing, 2016, 13(5): 559–567
24 X Zhang, Z Wu, J Chen, M Yue. An adaptive KPCA approach for detecting LDoS attack. International Journal of Communication Systems, 2017, 30(4): e2993
25 S Zhan, D Tang, J Man, R Dai, X Wang. Low-rate DoS attacks detection based on MAF-ADM. Sensors, 2020, 20(1): 189
26 L Liu, H Wang, Z Wu, M Yue. The detection method of low-rate DoS attack based on multi-feature fusion. Digital Communications and Networks, 2020, 6(4): 504–513
27 D Tang, Y Feng, S Zhang, Z Qin. FR-RED: fractal residual based real-time detection of the LDoS attack. IEEE Transactions on Reliability, 2021, 70(3): 1143–1157
28 D Tang, S Zhang, J Chen, X Wang. The detection of low-rate DoS attacks using the SADBSCAN algorithm. Information Sciences, 2021, 565: 229–247
29 D Li. Artificial intelligence with uncertainty. In: Proceedings of the 4th International Conference on Computer and Information Technology. 2004, 15(11): 1583–1594
30 B Qin, X Zhou, J Yang, C Song. Grey-theory based intrusion detection model. Journal of Systems Engineering and Electronics, 2006, 17(1): 230–235
31 K Fall, K Varadhan. The ns manual (formerly ns notes and documentation). The VINT Project, 2005, 47: 19–231
32 D Li, C Liu, W Gan. A new cognitive model: cloud model. International Journal of Intelligent Systems, 2009, 24(3): 357–375
33 N Cristianini, J Shawe-Taylor. Linear learning machines. In: Cristianini N, Shawe-Taylor J, eds. An Introduction to Support Vector Machines and Other Kernel-Based Learning Methods. Cambridge: Cambridge University Press, 2000, 9–25
34 C Cortes, V Vapnik. Support-vector networks. Machine Learning, 1995, 20(3): 273–297
35 Z J Wu, M Yue. Detection of LDDoS attack based on Kalman filtering. Acta Electronica Sinica, 2008, 36(8): 1590–1594