A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target Detection
On the high-speed connections of the Internet or computer networks, the IP (Internet Protocol) packet traffic passing through the network is extremely high, and that makes it difficult for network monitoring and attack detection applications. This paper reviews methods to find the high-occurrence-fr...
Main Authors: | , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2016-10-01
|
Series: | Future Internet |
Subjects: | |
Online Access: | http://www.mdpi.com/1999-5903/8/4/52 |
_version_ | 1811343622546653184 |
---|---|
author | Xuan Dau Hoang Hong Ky Pham |
author_facet | Xuan Dau Hoang Hong Ky Pham |
author_sort | Xuan Dau Hoang |
collection | DOAJ |
description | On the high-speed connections of the Internet or computer networks, the IP (Internet Protocol) packet traffic passing through the network is extremely high, and that makes it difficult for network monitoring and attack detection applications. This paper reviews methods to find the high-occurrence-frequency elements in the data stream and applies the most efficient methods to find Hot-IPs that are high-frequency IP addresses of IP packets passing through the network. Fast finding of Hot-IPs in the IP packet stream can be effectively used in early detection of DDoS (Distributed Denial of Service) attack targets and spreading sources of network worms. Research results show that the Count-Min method gives the best overall performance for Hot-IP detection thanks to its low computational complexity, low space requirement and fast processing speed. We also propose an early detection model of DDoS attack targets based on Hot-IP finding, which can be deployed on the target network routers. |
first_indexed | 2024-04-13T19:32:08Z |
format | Article |
id | doaj.art-31174614cb424939a86f803c7cd09a1e |
institution | Directory Open Access Journal |
issn | 1999-5903 |
language | English |
last_indexed | 2024-04-13T19:32:08Z |
publishDate | 2016-10-01 |
publisher | MDPI AG |
record_format | Article |
series | Future Internet |
spelling | doaj.art-31174614cb424939a86f803c7cd09a1e2022-12-22T02:33:09ZengMDPI AGFuture Internet1999-59032016-10-01845210.3390/fi8040052fi8040052A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target DetectionXuan Dau Hoang0Hong Ky Pham1CyberSecurity Lab, Posts and Telecommunications Institute of Technology, Hanoi 100000, VietnamVNPT Software, Hanoi 100000, VietnamOn the high-speed connections of the Internet or computer networks, the IP (Internet Protocol) packet traffic passing through the network is extremely high, and that makes it difficult for network monitoring and attack detection applications. This paper reviews methods to find the high-occurrence-frequency elements in the data stream and applies the most efficient methods to find Hot-IPs that are high-frequency IP addresses of IP packets passing through the network. Fast finding of Hot-IPs in the IP packet stream can be effectively used in early detection of DDoS (Distributed Denial of Service) attack targets and spreading sources of network worms. Research results show that the Count-Min method gives the best overall performance for Hot-IP detection thanks to its low computational complexity, low space requirement and fast processing speed. We also propose an early detection model of DDoS attack targets based on Hot-IP finding, which can be deployed on the target network routers.http://www.mdpi.com/1999-5903/8/4/52DDoS attack detectionCount-MinCount-SketchGroup Testing |
spellingShingle | Xuan Dau Hoang Hong Ky Pham A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target Detection Future Internet DDoS attack detection Count-Min Count-Sketch Group Testing |
title | A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target Detection |
title_full | A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target Detection |
title_fullStr | A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target Detection |
title_full_unstemmed | A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target Detection |
title_short | A Review on Hot-IP Finding Methods and Its Application in Early DDoS Target Detection |
title_sort | review on hot ip finding methods and its application in early ddos target detection |
topic | DDoS attack detection Count-Min Count-Sketch Group Testing |
url | http://www.mdpi.com/1999-5903/8/4/52 |
work_keys_str_mv | AT xuandauhoang areviewonhotipfindingmethodsanditsapplicationinearlyddostargetdetection AT hongkypham areviewonhotipfindingmethodsanditsapplicationinearlyddostargetdetection AT xuandauhoang reviewonhotipfindingmethodsanditsapplicationinearlyddostargetdetection AT hongkypham reviewonhotipfindingmethodsanditsapplicationinearlyddostargetdetection |