Adaptive Clustering with Feature Ranking for DDoS Attacks Detection

File Size Format
68259_1.pdf 413Kb Adobe PDF View
Title Adaptive Clustering with Feature Ranking for DDoS Attacks Detection
Author Wu, Xin-Wen; Zi, Lifang; Yearwood, John
Publication Title Proceedings of 2010 Fourth International Conference on Network and System Security - NSS 2010
Editor Yang Xiang, Pierangela Samarati, Jiankun Hu, Wanlie Zhou, Ahmad-Reza Sadeghi
Year Published 2010
Place of publication USA
Publisher IEEE
Abstract Distributed Denial of Service (DDoS) attacks pose an increasing threat to the current internet. The detection of such attacks plays an important role in maintaining the security of networks. In this paper, we propose a novel adaptive clustering method combined with feature ranking for DDoS attacks detection. First, based on the analysis of network traffic, preliminary variables are selected. Second, the Modified Global K-means algorithm (MGKM) is used as the basic incremental clustering algorithm to identify the cluster structure of the target data. Third, the linear correlation coefficient is used for feature ranking. Lastly, the feature ranking result is used to inform and recalculate the clusters. This adaptive process can make worthwhile adjustments to the working feature vector according to different patterns of DDoS attacks, and can improve the quality of the clusters and the effectiveness of the clustering algorithm. The experimental results demonstrate that our method is effective and adaptive in detecting the separate phases of DDoS attacks.
Peer Reviewed Yes
Published Yes
Alternative URI http://dx.doi.org/10.1109/NSS.2010.70
Copyright Statement Copyright 2010 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
ISBN 9781424484843
Conference name NSS 2010 -Fourth International Conference on Network and System Security
Location Melbourne
Date From 2010-09-01
Date To 2010-09-03
URI http://hdl.handle.net/10072/37326
Date Accessioned 2011-02-10
Date Available 2012-09-02T23:20:18Z
Language en_US
Research Centre Institute for Integrated and Intelligent Systems
Faculty Faculty of Science, Environment, Engineering and Technology
Subject Data Encryption; Information Systems
Publication Type Conference Publications (Full Written Paper - Refereed)
Publication Type Code e1

Show simple item record

Griffith University copyright notice