Now 1649 visitors
Today:384 Yesterday:890
Total: 452269 413S 88P 97R
2026-04-22, Week 17
Member Login
Welcome Message
Statistics & History
Committee
TACT Journal Homepage
Call for Paper
Paper Submission
Find My Paper
Author Homepage
Paper Procedure
FAQ
Registration & Invoice
Paper Archives
Outstanding Papers
Program & Proceedings
Presentation Platform
Hotel & Travel Info
Photo Gallery
Scheduler Login
Seminar
Archives Login
Sponsors




















IEEE/ICACT20220359 Question.2
Questioner: 201127035@fzu.edu.cn    2022-02-14 ¿ÀÈÄ 3:36:56
IEEE/ICACT20220359 Answer.2
Answer by Auhor shyoon17@korea.ac.kr   2022-02-14 ¿ÀÈÄ 3:36:56
How the classification of DDoS detection items and the items necessary for DDoS detection were chosen? Six DDoS detection categories were identified by referring to R. Braga, E. Mota and A. Passito, "Lightweight DDoS flooding attack detection using NOX/OpenFlow," IEEE Local Computer Network Conference, 2010, pp. 408-415, doi: 10.1109/LCN.2010.5735752. Average of Packets per flow, Average of Bytes per flow, Average of duration per flow, Percentage of pair flow, Growth of single flow, Growth of different ports. Through this, the Total Packer Number was extracted based on the Average of Packets per flow, and the Total Data Size was extracted through the Average of Bytes per flow. In addition, different src IP, Port and Same dst IP, and Port Pair were extracted through Percentage of pair flow and Growth of different ports. After extracting these four attributes, the three attributes to be set on the X, Y, and Z axes were continuously changed src IP by several zombie PCs due to the nature of the DDoS attack, so the src IP and same dst IP pairs were classified, and large amounts of traffic during attacks, so use the number of packets and the size of data.

Select Voice