Document Type : Research Paper

Authors

1 MA, Payame Noor University, Rey Branch, Tehran, Iran

2 Assistant Professor, Department of Computer Engineering and Information Technology, Payame Noor University, Tehran, Iran

Abstract

Denial of Service (DoS) attacks overload system resources such as CPU, network bandwidth, memory and so on to prevent the system from providing services to legitimate users. Distributed Denial of Service (DDoS) attacks are DoS attacks organized widely across several systems (a botnet) to shut down servers. Many companies have developed DDoS detection systems, but as attack patterns grow more complex day by day, predicting DDoS attacks with a specific method at a reasonable cost is still a hard task.
In this paper, we try to detect DDoS attacks with expert systems that use attack symptoms and histories. We use an expert system because DDoS attack algorithms and patterns are becoming increasingly complicated and, as a result, we need to train the attack detector systems. Finally, we implemented our system with Visual Studio .NET and compared the results with simulation software such as "Netica".

Keywords
