On-line Detection of Distributed Attacks from Space-time Network Flow Patterns

John S. Baras, Alvaro A. Cárdenas and Vahid Ramezani

23rd Army Science Conference, Orlando, Florida, Dec 2002.

 

Abstract

Parametric and non-parametric change detection algorithms are applied to the problem of detecting changes in the direction of traffic flow. The directionality of the change in a network flow is assumed to have an objective or target. The particular problem of detecting distributed denial of service attacks from distributed observations is presented as a working framework. The performance of our change detection algorithms is evaluated via simulations.