- Type of Document: M.Sc. Thesis
- Language: Farsi
- Document No: 47744 (19)
- University: Sharif University of Technology
- Department: Computer Engineering
- Advisor(s): Jahangir, Amir Hossein
- Abstract:
- Distributed Denial of Service (DDoS) attacks target the availability of network resources. A characteristic of this class of attack is a high volume of traffic or service requests from a very large number of illegitimate clients organised into botnets, which degrades network performance. Distinguishing such traffic from the large number of legitimate users that arrive during a flash crowd is today one of the most challenging problems for network security experts. Most methods proposed so far either did not perform well enough or were effective only in the short term, because attackers keep improving their imitation of legitimate user behaviour. Methods based on extracted statistical features usually perform better, but most of them study the statistical features of the traffic at the aggregate (correlative) level, which is not effective when two different kinds of flow are mixed together. In this thesis we propose a method that keeps the advantages of previous methods in distinguishing the two traffic types (DDoS attack and flash crowd) and also separates them when they are combined. To achieve this, the method studies flow features at the individual (per-client) level. The thesis first discusses the distinguishing features of attack traffic and flash-crowd traffic. It then compares the behaviour of users with that of DDoS bots in terms of the statistical features of each client's packet inter-arrival times, i.e. of users in a flash crowd and of bots in a DDoS attack. Finally, based on the extracted features and using clustering methods, attack flows are separated from legitimate users. The proposed method is evaluated and its recall, precision and related metrics are measured.
- Keywords:
- Entropy ; Clustering ; Denial of Service (DOS) Attack Detection ; Denial of Service (DOS) Attack ; Travel Behavior ; Flash Crowd ; Self-Similarity
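The abstract describes the pipeline only in outline: per-client packet inter-arrival times (IATs), statistical features extracted from them, clustering, then precision and recall against ground truth. The script below is an added illustration of that pipeline and is not the thesis's own code or data. Everything in it is an assumption for the example: the traffic is constructed (bots fire at an almost fixed 10 Hz rate, human users have lognormal think-time gaps), the two per-client features are the coefficient of variation and the entropy of a log2-binned IAT histogram, and the clustering is a plain 2-means implemented in the standard library. It also computes the same statistic over the merged trace to show why an aggregate-level number cannot say which clients are the bots.

```python
"""Per-client IAT features + 2-means clustering to pick bots out of a flash crowd.

Added example, not the thesis's implementation. Traffic is constructed, not captured.
"""
import math
import random
import statistics

random.seed(7)  # make the constructed traffic reproducible


def make_clients(n_clients, n_packets, kind):
    """Construct per-client packet timestamps (constructed data, not a capture).

    "bot":  requests fired at an almost fixed 10 Hz rate (tiny IAT jitter).
    "user": human think-time modelled as heavy-tailed lognormal gaps.
    Both generators are modelling assumptions for this example.
    """
    clients = {}
    for i in range(n_clients):
        t, stamps = 0.0, []
        for _ in range(n_packets):
            if kind == "bot":
                gap = 0.10 + random.uniform(-0.005, 0.005)
            else:
                gap = random.lognormvariate(-1.0, 1.0)
            t += gap
            stamps.append(t)
        clients[f"{kind}{i}"] = stamps
    return clients


def iat_features(stamps, bin_width=0.5):
    """Return (cv, entropy) for one client's timestamp list.

    cv:      coefficient of variation (std/mean) of the inter-arrival times.
    entropy: Shannon entropy in bits of the IAT histogram binned on a log2
             scale, so the feature is scale-free; a regular sender lands in
             one bin (0 bits), a bursty human spreads over many bins.
    """
    iats = [b - a for a, b in zip(stamps, stamps[1:])]
    mean = statistics.fmean(iats)
    cv = statistics.pstdev(iats) / mean if mean > 0 else 0.0
    bins = {}
    for x in iats:
        key = math.floor(math.log2(x) / bin_width)
        bins[key] = bins.get(key, 0) + 1
    n = len(iats)
    entropy = -sum(c / n * math.log2(c / n) for c in bins.values())
    return (cv, entropy)


def aggregate_cv(clients):
    """CV of the IATs of the merged trace: one scalar for the whole stream,
    which is why aggregate-level statistics cannot label individual clients."""
    merged = sorted(t for stamps in clients.values() for t in stamps)
    return iat_features(merged)[0]


def two_means(points, iters=100):
    """Plain 2-means on feature tuples; returns (labels, centroids).
    Seeded from the points with the smallest and largest first feature so the
    result is deterministic for this example."""
    cents = [min(points), max(points)]
    labels = None
    for _ in range(iters):
        new = [0 if math.dist(p, cents[0]) <= math.dist(p, cents[1]) else 1
               for p in points]
        if new == labels:
            break
        labels = new
        for k in (0, 1):
            members = [p for p, lab in zip(points, labels) if lab == k]
            if members:
                cents[k] = tuple(statistics.fmean(c) for c in zip(*members))
    return labels, cents


def detect(clients):
    """Min-max scale the per-client features, cluster, and flag the cluster
    whose centroid has the lower cv (the more machine-like senders) as bots."""
    names = list(clients)
    feats = [iat_features(clients[n]) for n in names]
    lo = [min(f[i] for f in feats) for i in (0, 1)]
    hi = [max(f[i] for f in feats) for i in (0, 1)]
    scaled = [tuple((f[i] - lo[i]) / ((hi[i] - lo[i]) or 1.0) for i in (0, 1))
              for f in feats]
    labels, cents = two_means(scaled)
    bot_cluster = 0 if cents[0][0] < cents[1][0] else 1
    return {n: lab == bot_cluster for n, lab in zip(names, labels)}


def precision_recall(flagged, truth):
    """Precision and recall of the flagged set for the attack class."""
    tp = sum(1 for n, f in flagged.items() if f and truth[n])
    fp = sum(1 for n, f in flagged.items() if f and not truth[n])
    fn = sum(1 for n, f in flagged.items() if not f and truth[n])
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    return precision, recall


def run_demo(n_bots=20, n_users=20, n_packets=50):
    """Mix bots into a flash crowd and score the per-client detector."""
    clients = {**make_clients(n_bots, n_packets, "bot"),
               **make_clients(n_users, n_packets, "user")}
    truth = {n: n.startswith("bot") for n in clients}
    return precision_recall(detect(clients), truth)


if __name__ == "__main__":
    p, r = run_demo()
    print(f"precision={p:.2f} recall={r:.2f}")
```

The constructed bots are deliberately easy (near-constant rate); a bot that samples its gaps from a human-like distribution would move towards the user cluster in both features, which is the "attackers mimicking legitimate users" limitation the abstract points to, so in practice the feature set and clustering threshold need to be validated against the adversary model, not just against regular-rate tools.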