Science and Development Network (SciDev.Net)
Today the scale, complexity and intensity of denial of service attacks has increased many folds. These attacks have moved from simple flooding based attacks to sophisticated Application based attacks as well as Protocol specific attacks. The challenge is to develop detection algorithms that can distinguish between the attacks like the new pulsating denial of service and legitimate traffic like Flash events. The presence of self-similarity in computer network traffic has introduced a newer dimension in techniques being developed for anomaly detection in aggregated network traffic. The authors propose use of wavelets to distinguish between legitimate flash events and pulsating distributed denial of service attacks and generating images to show point-of-presence of the attack. The detection methodology has also been tested on KDD Dataset.