Publication: LD<sup>2</sup>: A system for lightweight detection of denial-of-service attacks
Issued Date
2008-12-01
Resource Type
Other identifier(s)
2-s2.0-62349121593
Rights
Mahidol University
Rights Holder(s)
SCOPUS
Bibliographic Citation
Proceedings - IEEE Military Communications Conference MILCOM. (2008)
Suggested Citation
Sirikarn Pukkawanna, Panita Pongpaibool, Vasaka Visoottiviseth LD<sup>2</sup>: A system for lightweight detection of denial-of-service attacks. Proceedings - IEEE Military Communications Conference MILCOM. (2008). doi:10.1109/MILCOM.2008.4753369 Retrieved from: https://repository.li.mahidol.ac.th/handle/20.500.14594/19198
Research Projects
Organizational Units
Authors
Journal Issue
Thesis
Title
LD<sup>2</sup>: A system for lightweight detection of denial-of-service attacks
Other Contributor(s)
Abstract
This paper proposes a system for lightweight detection of DoS attacks, called LD2. Our system detects attack activities by observing flow behaviors and matching them with graphlets for each attack type. The proposed system is lightweight because it does not analyze packet content nor packet statistics. We benchmark performance of LD2, in terms of detection accuracy and complexity against Snort, a popular open-source IDS software. Our evaluations focus on six types of DoS attacks, namely SYN flood, UDP flood, ICMP flood, Smurf, port scan, and host scan. Results show that LD2 can accurately identify all occurrences and all hosts associated with attack activities. Although LD2 uses higher CPU cycles than Snort, it consumes much less memory than Snort. ©2008 IEEE.