Visual analytics model for intrusion detection in flood attack

Publication Type:
Conference Proceeding
Proceedings - 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013, 2013, pp. 277 - 284
Issue Date:
Full metadata record
Files in This Item:
Filename Description Size
2013004170OK.pdf856.63 kB
Adobe PDF
Flood attacks are common forms of Distributed Denial-of-Service (DDoS) attack threats on internet in nature. This has necessitated the need for visual analysis within an intrusion detection system to identify these attacks. The challenges are how to increase the accuracy of detection and how to visualize and present flood attacks in networks for early detection. In this paper, we introduce three coefficients, which not only classify the behaviors of flood attacks, but also measure the system performance under those flood attacks: a) attack-density that patterns the characters of flood attack, b) system workload which represents the system capability in handling flood attack and c) the scalability to classify the impact level of the flood attack at victim site. A visual clustered method is used to display the DDoS flood attacks. The experimentation results are presented to demonstrate our new model significantly improves the accuracy of the detection of DDoS attacks and provides a better understanding of the nature of flood attacks on networks. © 2013 IEEE.
Please use this identifier to cite or link to this item: