Entity-based parameterization for distinguishing distributed denial of service from flash events

M. A. Mohamed, Norziana Jamil, A. F. Abidin, Marina Md Din, W. N.S.W. Nik, A. R. Mamat

Research output: Contribution to journal, Article

Abstract

In a perfect condition, there is only normal network traffic and sometimes flash event traffic due to some eye-catching or heartbreaking events. Nevertheless, both carry legitimate requests and content to the server. Flash event traffic can be massive and damaging to the availability of the server. However, it can easily be remedied by hardware solutions such as adding extra processing power and memory devices, and by software solutions such as load balancing. In contrast, the collection of illegal traffic requests produced during a distributed denial of service (DDoS) attack tries to cause damage to the server and is thus considered dangerous, where prevention, detection and reaction are imminent in case of occurrence. In this paper, the detection of attacks by distinguishing them from legal traffic is our main concern. Initially, we categorize the parameters involved in the attacks in relation to their entities. Further, we examine different concepts and techniques from the information theory and image processing domains that take the aforementioned parameters as input and in turn decide whether an attack has occurred. In addition, we point out the advantages of each technique, as well as any possible weaknesses, for possible future work.

Original language: English
Pages (from-to): 5-8
Number of pages: 4
Journal: International Journal of Engineering and Technology(UAE)
Volume: 7
Issue number: 2
DOI: 10.14419/ijet.v7i2.14.11142
Publication status: Published - 01 Jan 2018

Fingerprint

Parameterization
Servers
Information Theory
Software
Telecommunication traffic
Equipment and Supplies
Resource allocation
Image processing
Availability
Hardware
Data storage equipment
Processing

All Science Journal Classification (ASJC) codes

  • Biotechnology
  • Computer Science (miscellaneous)
  • Environmental Engineering
  • Chemical Engineering(all)
  • Engineering(all)
  • Hardware and Architecture

Cite this

@article{b325b703ac0b49ff832b07c9a7e3c2e4,
title = "Entity-based parameterization for distinguishing distributed denial of service from flash events",
author = "Mohamed, {M. A.} and Norziana Jamil and Abidin, {A. F.} and {Md Din}, Marina and Nik, {W. N.S.W.} and Mamat, {A. R.}",
year = "2018",
month = "1",
day = "1",
doi = "10.14419/ijet.v7i2.14.11142",
language = "English",
volume = "7",
pages = "5--8",
journal = "International Journal of Engineering and Technology(UAE)",
issn = "2227-524X",
publisher = "Science Publishing Corporation Inc",
number = "2",

}

Entity-based parameterization for distinguishing distributed denial of service from flash events. / Mohamed, M. A.; Jamil, Norziana; Abidin, A. F.; Md Din, Marina; Nik, W. N.S.W.; Mamat, A. R.

In: International Journal of Engineering and Technology(UAE), Vol. 7, No. 2, 01.01.2018, p. 5-8.

TY - JOUR

T1 - Entity-based parameterization for distinguishing distributed denial of service from flash events

AU - Mohamed, M. A.

AU - Jamil, Norziana

AU - Abidin, A. F.

AU - Md Din, Marina

AU - Nik, W. N.S.W.

AU - Mamat, A. R.

PY - 2018/1/1

Y1 - 2018/1/1

UR - http://www.scopus.com/inward/record.url?scp=85045378136&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85045378136&partnerID=8YFLogxK

U2 - 10.14419/ijet.v7i2.14.11142

DO - 10.14419/ijet.v7i2.14.11142

M3 - Article

AN - SCOPUS:85045378136

VL - 7

SP - 5

EP - 8

JO - International Journal of Engineering and Technology(UAE)

JF - International Journal of Engineering and Technology(UAE)

SN - 2227-524X

IS - 2

ER -