A combined data mining approach for DDoS attack detection

Mihui Kim, Hyunjung Na, Kijoon Chae, Hyochan Bang, Jungchan Na

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

23 Scopus citations

Abstract

Recently, as the serious damage caused by DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not provide effective defense against these attacks, or the defense capability of some mechanisms is only limited to specific DDoS attacks. It is necessary to analyze the fundamental features of DDoS attacks because these attacks can easily vary the used port/protocol, or operation method. In this paper, we propose a combined data mining approach for modeling the traffic pattern of normal and diverse attacks. This approach uses the automatic feature selection mechanism for selecting the important attributes. And the classifier is built with the theoretically selected attribute through the neural network. And then, our experimental results show that our approach can provide the best performance on the real network, in comparison with that by heuristic feature selection and any other single data mining approaches.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
EditorsHyun-Kook Kahng, Shigeki Goto
PublisherSpringer Verlag
Pages943-950
Number of pages8
ISBN (Print)3540230343
DOIs
StatePublished - 2004

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3090
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Fingerprint

Dive into the research topics of 'A combined data mining approach for DDoS attack detection'. Together they form a unique fingerprint.

Cite this