Archives and Documentation Center
Digital Archives

DDoS attack detection using frequency domain characteristics

Show simple item record

dc.contributor Graduate Program in Electrical and Electronic Engineering.
dc.contributor.advisor Anarım, Emin.
dc.contributor.author Fouladi, Ramin Fadaei.
dc.date.accessioned 2023-03-16T10:18:22Z
dc.date.available 2023-03-16T10:18:22Z
dc.date.issued 2014.
dc.identifier.other EE 2014 F68
dc.identifier.uri http://digitalarchive.boun.edu.tr/handle/123456789/12853
dc.description.abstract Providing 24-hour service to the users, is one of the major concerns of network administrators. A denial of service attack refers to a condition that a server cannot give normal services to its legitimate clients due to the large amount of bogus packets sent by an unknown source. In a distributed denial of service (DDoS) attack, an attacker launches the attack on a server via a large number of unaware computers through Internet. During a DDoS attack, the victim is forced to reply to the requests from those infected nodes called zombies. The rst step of countermeasure against these types of threats is detection. Conventional methods analyze the contents of packets arrived to the victim node to nd an abnormality. Although they can identify some simple attacks, they are almost unable to segregate the source of normal tra c from attack one when attackers alter the source IP address into the normal source IP address. Additionally the contents of the abnormal packets are usually changed intentionally by attackers to be close to those in normal packets and therefore they can easily be passed through a system employing traditional detection approaches. In this thesis, a frequency domain analysis is proposed to detect DDoS attacks. The number of packets received by the victim in a speci c interval are sampled and considered as a random process. Employing two di erent methods of power spectral density estimation, the frequency characteristic of the time series is estimated. Using each spectrum estimation methods, two sets of frequency characteristics, one for normal and another for DDoS tra c, are acquired, and utilized by a signature based intrusion detection system to detect abnormality.
dc.format.extent 30 cm.
dc.publisher Thesis (M.S.)-Bogazici University. Institute for Graduate Studies in Science and Engineering, 2014.
dc.subject.lcsh Internet -- Access control.
dc.subject.lcsh Internet -- Security measures.
dc.subject.lcsh Telecommunication -- Traffic.
dc.title DDoS attack detection using frequency domain characteristics
dc.format.pages xii, 41 leaves ;


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search Digital Archive


Browse

My Account