Indian Institute of Technology Roorkee
A real time estimation of the number of zombies in DDoS attack scenario is helpful to suppress the effect of attack by choosing predicted number of most suspicious attack sources for either filtering or rate limiting. In this paper, ANN is employed to estimate number of zombies involved in a DDoS attack. The method does not depend on the frequency of attack and hence solves the problem of low detection precision and weak detection stability of ANN which occurs when used for low frequent attack estimation. The sample data used to train the feed forward neural networks is generated using NS-2 network simulator running on Linux platform.