Proceedings of the 2013 International Conference on Advanced ICT and Education

Anomaly Detection for DDoS Attacks Based on Gini Coefficient

Authors
Yun Liu, Siyu Jiang, Jiuming Huang
Corresponding Author
Yun Liu
Available Online August 2013.
DOI
https://doi.org/10.2991/icaicte.2013.129How to use a DOI?
Keywords
anomaly detection, Gini coefficient, TCM-KNN algorithm
Abstract
Distributed Denial-of-Service (DDoS) attacks present a very serious threat to the stability of the Internet. In this paper, an anomaly detection method for DDoS attacks based on Gini coefficient is pro-posed. First, Gini coefficient is introduced to measure the inequalities of packet attribution (IP addresses and ports) distributions during attacks. Then, an im-proved TCM-KNN algorithm is applied to identify attacks by classifying the Gini coefficient samples extracted from real-time network traffic. The experimental results demonstrate that the proposed method can effectively distinguish DDoS attacks from normal traffic, and has higher detection ratio and lower false alarm ratio than similar detection methods.
Open Access
This is an open access article distributed under the CC BY-NC license.

Download article (PDF)

Proceedings
2013 International Conference on Advanced ICT and Education (ICAICTE-13)
Part of series
Advances in Intelligent Systems Research
Publication Date
August 2013
ISBN
978-90786-77-79-6
ISSN
1951-6851
DOI
https://doi.org/10.2991/icaicte.2013.129How to use a DOI?
Open Access
This is an open access article distributed under the CC BY-NC license.

Cite this article

TY  - CONF
AU  - Yun Liu
AU  - Siyu Jiang
AU  - Jiuming Huang
PY  - 2013/08
DA  - 2013/08
TI  - Anomaly Detection for DDoS Attacks Based on Gini Coefficient
BT  - 2013 International Conference on Advanced ICT and Education (ICAICTE-13)
PB  - Atlantis Press
SP  - 632
EP  - 637
SN  - 1951-6851
UR  - https://doi.org/10.2991/icaicte.2013.129
DO  - https://doi.org/10.2991/icaicte.2013.129
ID  - Liu2013/08
ER  -