Performance Analysis of Packet Sampling Mechanisms for DDoS Attack Detection

Kil Soo Kang; Joon Hee Lee; Kyung Hee Choi; Gi Hyun Jung; Jae Hong Shim

Performance Analysis of Packet Sampling Mechanisms for DDoS Attack Detection

The KIPS Transactions:PartC, Vol. 11, No. 6, pp. 711-718, Dec. 2004

10.3745/KIPSTC.2004.11.6.711, PDF Download:

Abstract

Packet sampling is the techniques to collect a part of the packets through network and analyze the characteristic of the traffic for managing the network and keeping security. This paper presents a study on the sampling techniques applied to DDoS traffic and on the characteristics of the sampled traffic to detect DDoS attack efficiently and improve traffic analysis capacity. Three famous sampling techniques are evaluated with different sampling rates on various DDoS traffics. To analyze traffic characteristics, one of the DDoS attack detection method. Traffic Rate Analysis (TRA) is used. Simulation results verify that using sampling techniques preserve the traffic characteristics of DDoS and do not significantly reduce the detection accuracy.

Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

K. S. Kang, J. H. Lee, K. H. Choi, G. H. Jung, J. H. Shim, "Performance Analysis of Packet Sampling Mechanisms for DDoS Attack Detection," The KIPS Transactions:PartC, vol. 11, no. 6, pp. 711-718, 2004. DOI: 10.3745/KIPSTC.2004.11.6.711.

[ACM Style]

Kil Soo Kang, Joon Hee Lee, Kyung Hee Choi, Gi Hyun Jung, and Jae Hong Shim. 2004. Performance Analysis of Packet Sampling Mechanisms for DDoS Attack Detection. The KIPS Transactions:PartC, 11, 6, (2004), 711-718. DOI: 10.3745/KIPSTC.2004.11.6.711.