عنوان مقاله [English]
The Denial of Service (DoS) attacks are the attacks that overload the system resources such as CPU, network bandwidth, memory and so on to prevent system to provide services any legitimate users. The Distributed Denial of Service (DDoS) attacks are DoS attacks that organized with several systems widely (BotNet) to shut down the servers. Many companies have developed many DDoS detector systems but as the attack patterns are getting more complex day by day, the prediction of DDoS attacks by a specific method with a reasonable cost still is a hard task.
In this paper, we tried to detect DDoS attacks by expert systems that use the attack symptoms and histories. We used expert system because DDoS attacks algorithms and patterns are complicated increasingly and as a result, we need to learn the attack detector systems. Finally, we implemented our system with visual studio .net and compared the results with simulation software such as "Netica".
حمزه کلایی. م.ح، شامانی. م.ر، شامانی. م.ج، (1392)، بهینه کردن الگوریتم کلونی مورچگان برای ردیابی آیپی حملات انکارسرویس، مجله عملی ـ پژوهشی پدافند الکترونیکی و سایبری، 4، 77-86.
Choi.Junho, Choi.Chang, Ko.Byeongkyu, Kim.Pankoo, (2014), A method of DDoS attack detection using HTTP packet pattern and rule engine in cloud computing environment, Soft Computing, 18, 9, 1697-1703.
Crovella. M. E, Bestavros. A, (1997), Self-similarity in world wide web traffic: evidence and possible causes, IEEE/ACM Transactions on Networking, vol. 5, no. 6, pp. 835–846.
Hsin Lai. G, Chen. C.M, Jeng. B.Ch, Chao. W, (2008), Ant-based IP traceback, Expert Systems with Applications, 34, 4, 3071–3080.
Moore. D, Shannon. C, Brown. D. J, Voelker. G. M, Savage. S, (2006), Inferring internet denialof-service activity, ACM Transactions on Computer Systems, vol. 24, no. 2, pp. 115–139.
Paxson. V, Floyd. S, (1995), Wide area traffic: the failure of poisson modeling, IEEE/ACM Transactions on Networking, vol. 3, no. 3, pp. 226–244.
Pinzóna. Cristian I, Bajob. Javier, Pazb. Juan F. De, Corchadob. Juan M, (2011), S-MAS: An adaptive hierarchical distributed multi-agent architecture for blocking malicious SOAP messages within Web Services environments, Expert Systems with Applications, 38, 5, 5486–5499.
Xie. Y, Yu. S. Z, (2009), A large-scale hidden semi-markov model for anomaly detection on user browsing behaviors, IEEE/ACM Transactions on Networking, vol. 17, no. 1, pp. 54–65.
Yu. Shui, (2014), Distributed Denial of Service Attack and Defense, SpringerBriefs in Computer Science.
Zhou.Wei, Jia.Weijia, Wen.Sheng, Xiang.Yang, Zhou.Waniei, (2013), Detection and defense of application-layer DDoS attacks in backbone web traffic, Future Generation Computer Systems, 38, 36-46.