Detecting DDoS Attacks Against DNS Servers Using Time Series Analysis
Abstract
Domain Name System (DNS) Service is the basic support of Internet, which security plays a vital role in the entire Internet. Because DNS requests and responses are mostly UDP-based, and the existing large numbers of open recursive DNS servers, it is vulnerable to distributed denial of services (DDoS) attacks. Through the analysis of several aspects of these attacks, a novel approach to detect DDoS attack is proposed based on characteristics of attack traffics (CAT) time series. Then CAT time series are transformed into a multidimensional vector series and a support vector machine (SVM) classifier is applied to identity the attacks. The experiment results show that our approach can identify the state features of the abnormal flow due to the DDoS attacking flows, and detect DDoS attacks accurately
Keywords
Full Text:
PDFRefbacks
- There are currently no refbacks.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Indonesian Journal of Electrical Engineering and Computer Science (IJEECS)
p-ISSN: 2502-4752, e-ISSN: 2502-4760
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).