부산대학교 도서관

The distributed denial of service (DDoS) attack is one of the most destructive organized cyber-attacks against online services or computers on the network. Despite the existence of many mechanisms to detect DDoS attacks, the problem is still prevalent. This research dissected and analyzed twenty-two existing DDoS attack detection mechanisms, representing all types of DDoS attack defense approaches, to determine the reason for the persistent successful DDoS attacks. This research posits two hypotheses concerning this gap: First, a lack of mathematical function usage by the existing detection mechanisms. The few functions used are limited to logical, statistical, or probability functions, resulting in reduced detection effectiveness. Second, researchers unintentionally or inadvertently miscalculate the mechanisms’ detection accuracy rate by partially using quantitative metrics. This research has three objectives; to propose a set of qualitative metrics based on mathematical functions, to measure the relationship between the quantitative and qualitative metrics in the DDoS attack detection mechanisms, and to prove the relationship between the genuineness of the existing mechanisms’ detection accuracy, and full consideration of quantitative metrics and diversity of qualitative and metrics. The result revealed a correlation rate of 84.22 %, which reflects the correctness of the detection accuracy. Third, identifying the manipulation percentage of reported detection accuracy by employing the correlation rate complement. The result indicated that 15.78 % of the reviewed mechanisms had manipulated or inadvertently miscalculated the accuracy.