DDoS Attack Detection Based on Compensation Non-Parameter CUSUM Algorithm
Source: Nanjing University
The researches focus in DDoS attack detection on target-end network. A new method to detect DDoS attacks based on TCP is given. For DDoS attacks based on TCP, many unacknowledged segments of both communication sides will be observed. In every time period, calculates the ratio of unacknowledged segments' number and all segments' number. Then, the statistical sequence based on time will come into being. Furtherly, use an improved non-parameter recursive CUSUM algorithm to efficiently detect DDoS attacks online. In the procedure of attack detection, the suspicious attack packets can also be recorded. Experiments prove that the authors' algorithm is fast and efficient.