부산대학교 도서관

Distributed Denial of Service (DDoS) flooding attacks have been a severe threat to the Internet for decades. These attacks usually are launched by exhausting bandwidth, network resources or server resources. Since most of these attacks are launched abruptly and severely, it is crucial to develop an efficient DDoS flooding attack detection system. In this paper, we present Slider, an online sketch-based DDoS flooding attack detection system. Slider utilizes a new type of sketch structure, namely Rotation Sketch, to effectively detect DDoS flooding attacks and efficiently identify the malicious hosts. Meanwhile, Slider also learns the characteristics of the current network during the time specified by the network operator to periodically update the parameters of its detection model. We have developed a prototype of Slider and the evaluation results on real-world traffic and public DDoS/DoS attack datasets demonstrate that Slider can effectively detect various DDoS flooding attacks with high precision and robustness.