Use this URL to cite or link to this record in EThOS: http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.677109
Title: Distributed Denial of Service (DDoS) attack detection and mitigation
Author: Saied, Alan
ISNI:       0000 0004 5368 3255
Awarding Body: King's College London
Current Institution: King's College London (University of London)
Date of Award: 2015
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
A Distributed Denial of Service (DDoS) attack is an organised distributed packet-storming technique that aims to overload network devices and the communication channels between them. Its major objective is to prevent legitimate users from accessing networks, servers, services, or other computer resources. In this thesis, we propose, implement and evaluate a DDoS Detector approach consisting of detection, defence and knowledge sharing components. The detection component is designed to detect known and unknown DDoS attacks using an Artificial Neural Network (ANN) while the defence component prevents forged DDoS packets from reaching the victim. DDoS Detectors are distributed across one or more networks in order to mitigate the strength of a DDoS attack. The knowledge sharing component uses encrypted messages to inform other DDoS Detectors when it detects a DDoS attack. This mechanism increases the efficacy of the detection mechanism between the DDoS Detectors. This approach has been evaluated and tested against other related approaches in terms of Sensitivity, Specificity, False Positive Rate (FPR), Precision, and Detection Accuracy. A major contribution of the research is that this approach achieves a 98% DDoS detection and mitigation accuracy, which is 5% higher than the best result of previous related approaches.
Supervisor: Overill, Richard Edward ; Radzik, Tomasz Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.677109  DOI: Not available
Share: