CSSE Seminar Series (CSSESS)
Welcome to the web page describing past, present, and future seminars presented by staff, students, and visitors to the Department of Computer Science and Software Engineering.
View past or future seminars; or view the CSSESS Home Page.
Seminar
DDoS detection based on traffic self-similarity.
Speaker: Delio Brignoli.
Institute: Masters Student, CSSE.
Time/Place: 3:10 pm, Friday, 1 May, in Room 031, Erskine Building.
All are welcome.
Abstract
Distributed denial of service attacks (or DDoS) are a common occurrence on the internet and are becoming more intense as the bot-nets, used to launch them, grow bigger. Preventing or stopping DDoS is not possible without radically changing the internet's infrastructure; various DDoS mitigation techniques have been devised with different degrees of success. All mitigation techniques share the need for a DDoS detection mechanism. DDoS detection based on traffic self-similarity estimation is an approach built on the notion that undisturbed network traffic displays fractal like properties. These fractal like properties are known to degrade in presence of abnormal traffic conditions like DDoS. Detection is possible by observing the changes in the level of self-similarity in the traffic flow at the target of the attack. We discuss the resiliency of 'DDoS detection based on self-similarity' to denial of service traffic that is itself self-similar. We find that, even when DDoS traffic is self-similar, detection is still possible. We also find that the traffic flow resulting from the superimposition of DDoS flow and legitimate traffic flow possesses a level of self-similarity that depends on both relative traffic intensity and on the difference in self-similarity between the two incoming flows.
View past or future seminars; or view the CSSESS Home Page.