An Analysis of Network Traffic on DDoS Attacks against Web Servers

Cheol Ho Lee; Kyung Hee Choi; Gi Hyun Jung; Sang Uk Noh

An Analysis of Network Traffic on DDoS Attacks against Web Servers

The KIPS Transactions:PartC, Vol. 10, No. 3, pp. 253-264, Jun. 2003

10.3745/KIPSTC.2003.10.3.253, PDF Download:

Abstract

This paper presents the analytic model of Distributed Denial-of-Service (DDoS) attacks in two settings : the normal Web server without any attack and the Web server with DDoS attacks. In these settings, we measure TCP flag rate, which is expressed in terms of the ratio of the number of TCP flags, i.e., SYN, ACK, RST, etc., packets over the total number of TCP packets, and Protocol rate, which is defined by the ratio of the number of TCP (UDP or ICMP) packets over the total number of IP packets. The experimental results show a distinctive and predictive pattern of DDoS attacks. We wish our approach can be used to detect and prevent DDoS attacks.

Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

C. H. Lee, K. H. Choi, G. H. Jung, S. U. Noh, "An Analysis of Network Traffic on DDoS Attacks against Web Servers," The KIPS Transactions:PartC, vol. 10, no. 3, pp. 253-264, 2003. DOI: 10.3745/KIPSTC.2003.10.3.253.

[ACM Style]

Cheol Ho Lee, Kyung Hee Choi, Gi Hyun Jung, and Sang Uk Noh. 2003. An Analysis of Network Traffic on DDoS Attacks against Web Servers. The KIPS Transactions:PartC, 10, 3, (2003), 253-264. DOI: 10.3745/KIPSTC.2003.10.3.253.