Abstract

Distributed Denial of Service (DDoS) attacks continue to be a severe threat to the Internet, and have been evolving both in traffic volume and in sophistication. While many attack detection approaches exist, few of them provide easily interpretable and actionable network-level signatures. Further, most tools are either not scalable or are prohibitively expensive, and thus are not broadly available to network operators. We bridge this gap by proposing AMON-SENSS, an open-source system for scalable, accurate DDoS detection and signature generation in large networks. AMON-SENSS employs hash-based binning with multiple bin layers for scalability, observes traffic at multiple granularities, and deploys traffic volume and traffic asymmetry change-point detection techniques to identify attacks. It proactively devises network-level attack signatures, which can be used to filter attack traffic. We evaluate AMON-SENSS …

Metadata

publication

GLOBECOM 2022-2022 IEEE Global Communications Conference, 3399-3404, 2022

year

2022

publication date

2022/12/4

authors

Rajat Tandon, Pithayuth Charnsethikul, Michalis Kallitsis, Jelena Mirkovic

link

https://ieeexplore.ieee.org/abstract/document/10001010/

resource_link

https://par.nsf.gov/servlets/purl/10390157

conference

GLOBECOM 2022-2022 IEEE Global Communications Conference

pages

3399-3404

publisher

IEEE