The detection of low-rate DoS attacks using the SADBSCAN algorithm

Low-rate denial-of-service (DoS) attacks, which can exploit vulnerabilities in Internet protocols to deteriorate the quality of service, are variants of DoS attacks. It is challenging to identify low-rate DoS attacks using traditional DoS defence mechanisms due to their low attack rate and stealthy...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:Information sciences Ročník 565; s. 229 - 247
Hlavní autori: Tang, Dan, Zhang, Siqi, Chen, Jingwen, Wang, Xiyin
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Elsevier Inc 01.07.2021
Predmet:
Attack detection
Cosine similarity
Low-rate DoS
Network traffic analysis
SADBSCAN
SADBSCAN
Cosine similarity
Low-rate DoS
Attack detection
Network traffic analysis
ISSN:0020-0255, 1872-6291
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Abstract Low-rate denial-of-service (DoS) attacks, which can exploit vulnerabilities in Internet protocols to deteriorate the quality of service, are variants of DoS attacks. It is challenging to identify low-rate DoS attacks using traditional DoS defence mechanisms due to their low attack rate and stealthy nature. Most of the existing attack detection techniques are based on statistical analysis and signal processing. They usually show a high false negative rate and are only applicable to small-scale data. We propose a new low-rate DoS attack detection scheme based on the self-adaptive density-based spatial clustering of applications with noise (SADBSCAN) algorithm. The SADBSCAN algorithm provides a solution to adaptively identify clusters in multidensity datasets. We use the SADBSCAN algorithm to group network traffic according to the characteristics of the network traffic subject to low-rate DoS attacks. Then, we use cosine similarity to determine whether the groups contain low-rate DoS attacks. To evaluate performance, we conducted experiments and compared the results with those of other detection solutions. The experimental data include data generated by the NS-2 and TestBed simulations and the WIDE public dataset. The results show that our scheme improves the detection accuracy, reduces the false negative rate, and can be adapted to large-scale complex network environments.
AbstractList Low-rate denial-of-service (DoS) attacks, which can exploit vulnerabilities in Internet protocols to deteriorate the quality of service, are variants of DoS attacks. It is challenging to identify low-rate DoS attacks using traditional DoS defence mechanisms due to their low attack rate and stealthy nature. Most of the existing attack detection techniques are based on statistical analysis and signal processing. They usually show a high false negative rate and are only applicable to small-scale data. We propose a new low-rate DoS attack detection scheme based on the self-adaptive density-based spatial clustering of applications with noise (SADBSCAN) algorithm. The SADBSCAN algorithm provides a solution to adaptively identify clusters in multidensity datasets. We use the SADBSCAN algorithm to group network traffic according to the characteristics of the network traffic subject to low-rate DoS attacks. Then, we use cosine similarity to determine whether the groups contain low-rate DoS attacks. To evaluate performance, we conducted experiments and compared the results with those of other detection solutions. The experimental data include data generated by the NS-2 and TestBed simulations and the WIDE public dataset. The results show that our scheme improves the detection accuracy, reduces the false negative rate, and can be adapted to large-scale complex network environments.
Author Wang, Xiyin
Zhang, Siqi
Tang, Dan
Chen, Jingwen
Author_xml – sequence: 1
  givenname: Dan
  surname: Tang
  fullname: Tang, Dan
– sequence: 2
  givenname: Siqi
  surname: Zhang
  fullname: Zhang, Siqi
  email: zhangsiqi@hnu.edu.cn
– sequence: 3
  givenname: Jingwen
  surname: Chen
  fullname: Chen, Jingwen
– sequence: 4
  givenname: Xiyin
  surname: Wang
  fullname: Wang, Xiyin
BookMark eNp9kMtOwzAURC1UJNrCB7DzDyRcO4mdiFUfvKQKFi1r62I7rUsbI9uA-HtSlRWLrmYzZ6Q5IzLofGcJuWaQM2DiZpu7LuYcOMuB51DUZ2TIaskzwRs2IEMADhnwqrogoxi3AFBKIYZkutpYamyyOjnfUd_Snf_OAiZL535JMSXU75F-Rtetaeq7y8l8upxNninu1j64tNlfkvMWd9Fe_eWYvN7frWaP2eLl4Wk2WWSaNzJltqrNGzKGjWzANIJLaWpZCLRcgymxLLBFJrE2ZaVZ2wqBHCQUmomqAlYVY8KOuzr4GINt1Udweww_ioE6SFBb1UtQBwkKuOol9Iz8x2iX8HA1BXS7k-TtkbT9pS9ng4ra2U5b40IvSxnvTtC_34h3ag
CitedBy_id crossref_primary_10_1109_ACCESS_2023_3346062
crossref_primary_10_1109_ACCESS_2021_3121689
crossref_primary_10_1016_j_cose_2025_104508
crossref_primary_10_1016_j_ins_2022_06_013
crossref_primary_10_1007_s10489_022_03830_8
crossref_primary_10_1051_itmconf_20246504002
crossref_primary_10_1109_TDSC_2021_3131531
crossref_primary_10_1016_j_future_2021_09_039
crossref_primary_10_1109_ACCESS_2022_3191430
crossref_primary_10_1007_s10489_022_04171_2
crossref_primary_10_1109_TETCI_2022_3170515
crossref_primary_10_1016_j_ins_2024_121062
crossref_primary_10_1155_2022_2076987
crossref_primary_10_1109_JSAC_2021_3126053
crossref_primary_10_1016_j_jnca_2024_103916
crossref_primary_10_1016_j_ins_2021_07_013
crossref_primary_10_1145_3704434
crossref_primary_10_1016_j_isatra_2024_03_014
crossref_primary_10_1080_01969722_2023_2175140
crossref_primary_10_1016_j_comnet_2024_110666
crossref_primary_10_1038_s41598_022_26142_w
crossref_primary_10_1007_s11704_022_0486_1
crossref_primary_10_1109_TIM_2022_3216674
crossref_primary_10_1016_j_iot_2025_101512
Cites_doi 10.1109/TIFS.2009.2024719
10.3390/s20102932
10.1109/CC.2017.7961367
10.1109/TDSC.2015.2443807
10.1126/science.1242072
10.1016/j.comnet.2019.01.031
10.1109/JSYST.2020.2991168
10.1016/j.future.2018.07.017
10.1109/TIFS.2014.2321034
10.1016/j.patcog.2016.07.007
10.1016/j.jss.2012.07.065
10.1109/TCC.2014.2325045
10.1016/j.future.2019.12.034
10.1016/j.ins.2019.11.004
10.1016/j.compeleceng.2018.11.004
10.1016/j.adhoc.2020.102145
10.1016/j.ins.2019.08.062
10.1016/j.comnet.2019.01.007
10.1109/INFCOM.2005.1498361
10.1002/dac.2993
10.1109/CC.2014.7022532
10.1016/j.ins.2019.10.069
10.1016/j.ins.2018.04.065
10.1016/j.ssci.2020.104604
10.1109/TCNS.2016.2550858
10.1016/j.cose.2017.09.009
10.1109/TIFS.2011.2107320
10.1109/ACCESS.2019.2903816
10.1145/3183713.3196887
10.1155/2015/465402
10.1016/j.jpdc.2006.04.007
10.1016/j.comnet.2018.02.029
10.1016/j.dcan.2020.04.002
ContentType Journal Article
Copyright 2021 Elsevier Inc.
Copyright_xml – notice: 2021 Elsevier Inc.
DBID AAYXX
CITATION
DOI 10.1016/j.ins.2021.02.038
DatabaseName CrossRef
DatabaseTitle CrossRef
DatabaseTitleList
DeliveryMethod fulltext_linktorsrc
Discipline Engineering
Library & Information Science
EISSN 1872-6291
EndPage 247
ExternalDocumentID 10_1016_j_ins_2021_02_038
S0020025521001808
GroupedDBID --K
--M
--Z
-~X
.DC
.~1
0R~
1B1
1OL
1RT
1~.
1~5
29I
4.4
457
4G.
5GY
5VS
7-5
71M
8P~
9JN
9JO
AAAKF
AAAKG
AABNK
AACTN
AAEDT
AAEDW
AAIAV
AAIKJ
AAKOC
AALRI
AAOAW
AAQFI
AAQXK
AARIN
AAXUO
AAYFN
ABAOU
ABBOA
ABEFU
ABFNM
ABJNI
ABMAC
ABTAH
ABUCO
ABXDB
ABYKQ
ACAZW
ACDAQ
ACGFS
ACNNM
ACRLP
ACZNC
ADBBV
ADEZE
ADGUI
ADJOM
ADMUD
ADTZH
AEBSH
AECPX
AEKER
AENEX
AFFNX
AFKWA
AFTJW
AGHFR
AGUBO
AGYEJ
AHHHB
AHJVU
AHZHX
AIALX
AIEXJ
AIGVJ
AIKHN
AITUG
AJBFU
AJOXV
ALMA_UNASSIGNED_HOLDINGS
AMFUW
AMRAJ
AOUOD
APLSM
ARUGR
ASPBG
AVWKF
AXJTR
AZFZN
BJAXD
BKOJK
BLXMC
CS3
DU5
EBS
EFJIC
EFLBG
EJD
EO8
EO9
EP2
EP3
F5P
FDB
FEDTE
FGOYB
FIRID
FNPLU
FYGXN
G-Q
GBLVA
GBOLZ
HAMUX
HLZ
HVGLF
HZ~
H~9
IHE
J1W
JJJVA
KOM
LG9
LY1
M41
MHUIS
MO0
MS~
N9A
O-L
O9-
OAUVE
OZT
P-8
P-9
P2P
PC.
Q38
R2-
RIG
ROL
RPZ
SBC
SDF
SDG
SDP
SDS
SES
SEW
SPC
SPCBC
SSB
SSD
SST
SSV
SSW
SSZ
T5K
TN5
TWZ
UHS
WH7
WUQ
XPP
YYP
ZMT
ZY4
~02
~G-
77I
9DU
AATTM
AAXKI
AAYWO
AAYXX
ABWVN
ACLOT
ACRPL
ACVFH
ADCNI
ADNMO
ADVLN
AEIPS
AEUPX
AFJKZ
AFPUW
AGQPQ
AIGII
AIIUN
AKBMS
AKRWK
AKYEP
ANKPU
APXCP
CITATION
EFKBS
~HD
ID FETCH-LOGICAL-c297t-e58dba11a9790d96277d8736ae2c0d4a43afa17a8d45c1ff66a20703c16550153
ISICitedReferencesCount 28
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000653661400014&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 0020-0255
IngestDate Tue Nov 18 22:19:51 EST 2025
Sat Nov 29 07:27:08 EST 2025
Fri Feb 23 02:44:29 EST 2024
IsPeerReviewed true
IsScholarly true
Keywords SADBSCAN
Cosine similarity
Low-rate DoS
Attack detection
Network traffic analysis
Language English
LinkModel OpenURL
MergedId FETCHMERGED-LOGICAL-c297t-e58dba11a9790d96277d8736ae2c0d4a43afa17a8d45c1ff66a20703c16550153
PageCount 19
ParticipantIDs crossref_primary_10_1016_j_ins_2021_02_038
crossref_citationtrail_10_1016_j_ins_2021_02_038
elsevier_sciencedirect_doi_10_1016_j_ins_2021_02_038
PublicationCentury 2000
PublicationDate July 2021
2021-07-00
PublicationDateYYYYMMDD 2021-07-01
PublicationDate_xml – month: 07
  year: 2021
  text: July 2021
PublicationDecade 2020
PublicationTitle Information sciences
PublicationYear 2021
Publisher Elsevier Inc
Publisher_xml – name: Elsevier Inc
References Tripathi, Hubballi (b0055) 2018; 72
Chen, Hwang (b0180) 2006; 66
Zhu, Xin, Wu, You (b0025) 2014; 11
Luo, Chang (b0015) 2005
Wu, Lei, Yao, Wang, Musa (b0185) 2013; 86
W. Project, Mawi working group traffic archive (2018). url:http://mawi.wide.ad.jp/mawi/.
Maciá-Fernández, Díaz-Verdejo, García-Teodoro (b0195) 2009; 4
Chen, Meng, Shan, Fu, Bhargava (b0040) 2019; 7
Kuzmanovic, Knightly (b0010) 2003
M. Guirguis, A. Bestavros, I. Matta, Y. Zhang, Reduction of quality (roq) attacks on internet end-systems, in: Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies, IEEE, vol. 2, 2005, pp. 1362–1372.
Li, Liu, Obaidat, Wu, Vijayakumar, Kumar (b0140) 2020; 14
Xiang, Li, Zhou (b0090) 2011; 6
Shashidhara, Balaji (b0150) 2014; 4
Floyd, Henderson, Gurtov (b0065) 2004
Wu, Zhang, Yue (b0080) 2015; 13
Luo, Yang, Wang, Xu, Sun, Long (b0200) 2014; 9
Tang, Tang, Shi, Zhan, Yang (b0110) 2020; 7
Ficco, Rak (b0035) 2014; 3
Tang, Dai, Tang, Zhan, Man (b0125) 2018
Tang, Chen, Chen, Liu, Li (b0165) 2014; 2014
Bojović, Bašičević, Ocovaj, Popović (b0175) 2019; 73
Cambiaso, Chiola, Aiello (b0060) 2019; 150
Kang, Yang, Zhang (b0095) 2015; 2015
Paschos, Tassiulas (b0205) 2016; 4
M. DELIO, New breed of attack zombies lurk, http://www.acm.org/technews/articles/2001-3/0514m.html (2001). url:https://ci.nii.ac.jp/naid/10018698289/en/.
Sun, Li, Bhuiyan, Wang, Li (b0210) 2019; 479
Vuttipittayamongkol, Elyan (b0135) 2020; 509
Chen, Yeo, Lee, Lau (b0100) 2018; 136
Hassan, Gumaei, Alsanad, Alrubaian, Fortino (b0145) 2020; 513
Tang, Man, Tang, Feng, Yang (b0130) 2020; 102
Zhang, Wu, Chen, Yue (b0085) 2017; 30
Huang, Peng, Wang, Zhao (b0160) 2013
H. Song, J.G. Lee, Rp-dbscan: A superfast parallel dbscan algorithm based on random partitioning, in: Proceedings of the 2018 International Conference on Management of Data, ACM, 2018, pp. 1173–1187.
Sahoo, Puthal, Tiwary, Rodrigues, Sahoo, Dash (b0050) 2018; 89
Vaccari, Aiello, Cambiaso (b0045) 2020; 20
Tang, Tang, Dai, Chen, Li, Rodrigues (b0115) 2020; 106
Paxson, Allman (b0070) 2000
Fang, Tan, Wilbur (b0105) 2020; 124
Rodriguez, Laio (b0225) 2014; 344
Wu, Pan, Yue, Liu (b0170) 2019; 152
Liu, Wang, Wu, Yue (b0215) 2020; 6
Ucb/lbnl/vint network simulator—ns (version 2). url:http://www-mash.cs.berkeley.edu/ns/.
Yue, Wang, Wu (b0030) 2019
D. Dua, C. Graff, UCI machine learning repository (2017). url:http://archive.ics.uci.edu/ml.
Wu, Wang, Yan, Yue (b0190) 2017; 14
Yang, Lam (b0075) 2000
Thabtah, Hammoud, Kamalov, Gonsalves (b0120) 2020; 513
Wu, Pei (b0155) 2011; 39
Zhu, Ting, Carman (b0230) 2016; 60
M. Ester, H.P. Kriegel, J. Sander, X. Xu, A density-based algorithm for discovering clusters in large spatial databases with noise, in: KDD, vol. 96, 1996, pp. 226–231.
Maciá-Fernández (10.1016/j.ins.2021.02.038_b0195) 2009; 4
Bojović (10.1016/j.ins.2021.02.038_b0175) 2019; 73
Fang (10.1016/j.ins.2021.02.038_b0105) 2020; 124
Luo (10.1016/j.ins.2021.02.038_b0015) 2005
Huang (10.1016/j.ins.2021.02.038_b0160) 2013
Wu (10.1016/j.ins.2021.02.038_b0170) 2019; 152
Kuzmanovic (10.1016/j.ins.2021.02.038_b0010) 2003
Wu (10.1016/j.ins.2021.02.038_b0155) 2011; 39
Xiang (10.1016/j.ins.2021.02.038_b0090) 2011; 6
Vaccari (10.1016/j.ins.2021.02.038_b0045) 2020; 20
Zhu (10.1016/j.ins.2021.02.038_b0025) 2014; 11
Paschos (10.1016/j.ins.2021.02.038_b0205) 2016; 4
10.1016/j.ins.2021.02.038_b0240
Liu (10.1016/j.ins.2021.02.038_b0215) 2020; 6
Cambiaso (10.1016/j.ins.2021.02.038_b0060) 2019; 150
Tang (10.1016/j.ins.2021.02.038_b0165) 2014; 2014
Floyd (10.1016/j.ins.2021.02.038_b0065) 2004
Tang (10.1016/j.ins.2021.02.038_b0110) 2020; 7
Wu (10.1016/j.ins.2021.02.038_b0080) 2015; 13
Wu (10.1016/j.ins.2021.02.038_b0185) 2013; 86
Chen (10.1016/j.ins.2021.02.038_b0040) 2019; 7
Chen (10.1016/j.ins.2021.02.038_b0100) 2018; 136
Thabtah (10.1016/j.ins.2021.02.038_b0120) 2020; 513
Tang (10.1016/j.ins.2021.02.038_b0115) 2020; 106
10.1016/j.ins.2021.02.038_b0235
Tripathi (10.1016/j.ins.2021.02.038_b0055) 2018; 72
Zhu (10.1016/j.ins.2021.02.038_b0230) 2016; 60
Hassan (10.1016/j.ins.2021.02.038_b0145) 2020; 513
10.1016/j.ins.2021.02.038_b0250
Luo (10.1016/j.ins.2021.02.038_b0200) 2014; 9
Chen (10.1016/j.ins.2021.02.038_b0180) 2006; 66
Li (10.1016/j.ins.2021.02.038_b0140) 2020; 14
Sahoo (10.1016/j.ins.2021.02.038_b0050) 2018; 89
Tang (10.1016/j.ins.2021.02.038_b0125) 2018
Vuttipittayamongkol (10.1016/j.ins.2021.02.038_b0135) 2020; 509
10.1016/j.ins.2021.02.038_b0245
10.1016/j.ins.2021.02.038_b0005
Yue (10.1016/j.ins.2021.02.038_b0030) 2019
10.1016/j.ins.2021.02.038_b0220
Kang (10.1016/j.ins.2021.02.038_b0095) 2015; 2015
10.1016/j.ins.2021.02.038_b0020
Tang (10.1016/j.ins.2021.02.038_b0130) 2020; 102
Shashidhara (10.1016/j.ins.2021.02.038_b0150) 2014; 4
Zhang (10.1016/j.ins.2021.02.038_b0085) 2017; 30
Paxson (10.1016/j.ins.2021.02.038_b0070) 2000
Wu (10.1016/j.ins.2021.02.038_b0190) 2017; 14
Ficco (10.1016/j.ins.2021.02.038_b0035) 2014; 3
Yang (10.1016/j.ins.2021.02.038_b0075) 2000
Sun (10.1016/j.ins.2021.02.038_b0210) 2019; 479
Rodriguez (10.1016/j.ins.2021.02.038_b0225) 2014; 344
References_xml – reference: D. Dua, C. Graff, UCI machine learning repository (2017). url:http://archive.ics.uci.edu/ml.
– volume: 2015
  year: 2015
  ident: b0095
  article-title: Accurately identifying new qos violation driven by high-distributed low-rate denial of service attacks based on multiple observed features
  publication-title: Journal of Sensors
– volume: 89
  start-page: 685
  year: 2018
  end-page: 697
  ident: b0050
  article-title: An early detection of low rate ddos attack to sdn based data center networks using information distance metrics
  publication-title: Future Generation Computer Systems
– volume: 60
  start-page: 983
  year: 2016
  end-page: 997
  ident: b0230
  article-title: Density-ratio based clustering for discovering clusters with varying densities
  publication-title: Pattern Recognition
– start-page: 92
  year: 2018
  end-page: 104
  ident: b0125
  article-title: Low-rate dos attack detection based on two-step cluster analysis
  publication-title: in: International Conference on Information and Communications Security
– volume: 30
  start-page: e2993
  year: 2017
  ident: b0085
  article-title: An adaptive kpca approach for detecting ldos attack
  publication-title: International Journal of Communication Systems
– reference: W. Project, Mawi working group traffic archive (2018). url:http://mawi.wide.ad.jp/mawi/.
– reference: Ucb/lbnl/vint network simulator—ns (version 2). url:http://www-mash.cs.berkeley.edu/ns/.
– volume: 72
  start-page: 255
  year: 2018
  end-page: 272
  ident: b0055
  article-title: Slow rate denial of service attacks against http/2 and detection
  publication-title: Computers & Security
– start-page: 187
  year: 2000
  end-page: 198
  ident: b0075
  article-title: General aimd congestion control
  publication-title: Proceedings 2000 International Conference on Network Protocols, IEEE
– year: 2005
  ident: b0015
  article-title: On a New Class of Pulsing Denial-of-Service Attacks and the Defense
  publication-title: Proceedings of the Network and Distributed System Security Symposium {NDSS}
– reference: M. Guirguis, A. Bestavros, I. Matta, Y. Zhang, Reduction of quality (roq) attacks on internet end-systems, in: Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies, IEEE, vol. 2, 2005, pp. 1362–1372.
– reference: M. DELIO, New breed of attack zombies lurk, http://www.acm.org/technews/articles/2001-3/0514m.html (2001). url:https://ci.nii.ac.jp/naid/10018698289/en/.
– start-page: 209
  year: 2013
  end-page: 222
  ident: b0160
  article-title: A study of ldos flows variations based on similarity measurement
  publication-title: International Conference on Internet and Distributed Computing Systems
– volume: 4
  year: 2014
  ident: b0150
  article-title: Low rate denial of service (ldos) attack–a survey
  publication-title: International Journal of Emerging Technology and Advanced Engineering
– volume: 513
  start-page: 429
  year: 2020
  end-page: 441
  ident: b0120
  article-title: Data imbalance in classification: Experimental evaluation
  publication-title: Information Sciences
– reference: H. Song, J.G. Lee, Rp-dbscan: A superfast parallel dbscan algorithm based on random partitioning, in: Proceedings of the 2018 International Conference on Management of Data, ACM, 2018, pp. 1173–1187.
– volume: 39
  start-page: 1456
  year: 2011
  end-page: 1460
  ident: b0155
  article-title: The detection of ldos attack based on the model of small signal
  publication-title: Dianzi Xuebao(Acta Electronica Sinica)
– volume: 14
  start-page: 3547
  year: 2020
  end-page: 3557
  ident: b0140
  article-title: A lightweight privacy-preserving authentication protocol for vanets
  publication-title: IEEE Systems Journal
– volume: 150
  start-page: 234
  year: 2019
  end-page: 249
  ident: b0060
  article-title: Introducing the slowdrop attack
  publication-title: Computer Networks
– year: 2000
  ident: b0070
  article-title: Rfc2988: computing tcp’s retransmission timer
  publication-title: IETF
– volume: 6
  start-page: 426
  year: 2011
  end-page: 437
  ident: b0090
  article-title: Low-rate ddos attacks detection and traceback by using new information metrics
  publication-title: IEEE Transactions on Information Forensics and Security
– volume: 4
  start-page: 519
  year: 2009
  end-page: 529
  ident: b0195
  article-title: Mathematical model for low-rate dos attacks against application servers
  publication-title: IEEE Transactions on Information Forensics and Security
– volume: 509
  start-page: 47
  year: 2020
  end-page: 70
  ident: b0135
  article-title: Neighbourhood-based undersampling approach for handling imbalanced and overlapped data
  publication-title: Information Sciences
– volume: 3
  start-page: 80
  year: 2014
  end-page: 94
  ident: b0035
  article-title: Stealthy denial of service strategy in cloud computing
  publication-title: IEEE Transactions on Cloud Computing
– volume: 4
  start-page: 749
  year: 2016
  end-page: 760
  ident: b0205
  article-title: Sustainability of service provisioning systems under stealth dos attacks
  publication-title: IEEE Transactions on Control of Network Systems
– volume: 6
  start-page: 504
  year: 2020
  end-page: 513
  ident: b0215
  article-title: The detection method of low-rate dos attack based on multi-feature fusion
  publication-title: Digital Communications and Networks
– volume: 124
  year: 2020
  ident: b0105
  article-title: Application of intrusion detection technology in network safety based on machine learning
  publication-title: Safety Science
– volume: 344
  start-page: 1492
  year: 2014
  end-page: 1496
  ident: b0225
  article-title: Clustering by fast search and find of density peaks
  publication-title: Science
– start-page: 75
  year: 2003
  end-page: 86
  ident: b0010
  article-title: Low-rate tcp-targeted denial of service attacks: the shrew vs. the mice and elephants
  publication-title: Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications
– volume: 513
  start-page: 386
  year: 2020
  end-page: 396
  ident: b0145
  article-title: A hybrid deep learning model for efficient intrusion detection in big data environment
  publication-title: Information Sciences
– start-page: 1
  year: 2019
  end-page: 16
  ident: b0030
  article-title: Low-high burst: a double potency varying-rtt based full-buffer shrew attack model
  publication-title: IEEE Transactions on Dependable and Secure Computing
– volume: 136
  start-page: 80
  year: 2018
  end-page: 94
  ident: b0100
  article-title: Power spectrum entropy based detection and mitigation of low-rate dos attacks
  publication-title: Computer Networks
– volume: 102
  year: 2020
  ident: b0130
  article-title: Wedms: An advanced mean shift clustering algorithm for ldos attacks detection
  publication-title: Ad Hoc Networks
– volume: 86
  start-page: 211
  year: 2013
  end-page: 221
  ident: b0185
  article-title: Chaos-based detection of ldos attacks
  publication-title: Journal of Systems and Software
– year: 2004
  ident: b0065
  article-title: Rfc3782: The newreno modification to tcp’s fast recovery algorithm
  publication-title: IETF
– volume: 106
  start-page: 347
  year: 2020
  end-page: 359
  ident: b0115
  article-title: Mf-adaboost: Ldos attack detection based on multi-features and improved adaboost
  publication-title: Future Generation Computer Systems
– volume: 66
  start-page: 1137
  year: 2006
  end-page: 1151
  ident: b0180
  article-title: Collaborative detection and filtering of shrew ddos attacks using spectral analysis
  publication-title: Journal of Parallel and Distributed Computing
– reference: M. Ester, H.P. Kriegel, J. Sander, X. Xu, A density-based algorithm for discovering clusters in large spatial databases with noise, in: KDD, vol. 96, 1996, pp. 226–231.
– volume: 7
  start-page: 1
  year: 2020
  end-page: 18
  ident: b0110
  article-title: Mf-cnn: a new approach for ldos attack detection based on multi-feature fusion and cnn
  publication-title: Mobile Networks and Applications
– volume: 2014
  year: 2014
  ident: b0165
  article-title: Adaptive ewma method based on abnormal network traffic for ldos attacks
  publication-title: Mathematical Problems in Engineering
– volume: 152
  start-page: 64
  year: 2019
  end-page: 77
  ident: b0170
  article-title: Sequence alignment detection of tcp-targeted synchronous low-rate dos attacks
  publication-title: Computer Networks
– volume: 73
  start-page: 84
  year: 2019
  end-page: 96
  ident: b0175
  article-title: A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method
  publication-title: Computers & Electrical Engineering
– volume: 14
  start-page: 98
  year: 2017
  end-page: 112
  ident: b0190
  article-title: Low-rate dos attack flows filtering based on frequency spectral analysis
  publication-title: China Communications
– volume: 7
  start-page: 32853
  year: 2019
  end-page: 32866
  ident: b0040
  article-title: A novel low-rate denial of service attack detection approach in zigbee wireless sensor network by combining hilbert-huang transformation and trust evaluation
  publication-title: IEEE Access
– volume: 9
  start-page: 1069
  year: 2014
  end-page: 1083
  ident: b0200
  article-title: On a mathematical model for low-rate shrew ddos
  publication-title: IEEE Transactions on Information Forensics and Security
– volume: 20
  year: 2020
  ident: b0045
  article-title: Slowite, a novel denial of service attack affecting mqtt
  publication-title: Sensors
– volume: 11
  start-page: 101
  year: 2014
  end-page: 107
  ident: b0025
  article-title: A novel distributed ldos attack scheme against internet routing
  publication-title: China Communications
– volume: 479
  start-page: 456
  year: 2019
  end-page: 471
  ident: b0210
  article-title: Modeling and clustering attacker activities in iot through machine learning techniques
  publication-title: Information Sciences
– volume: 13
  start-page: 559
  year: 2015
  end-page: 567
  ident: b0080
  article-title: Low-rate dos attacks detection based on network multifractal
  publication-title: IEEE Transactions on Dependable and Secure Computing
– volume: 4
  start-page: 519
  issue: 3
  year: 2009
  ident: 10.1016/j.ins.2021.02.038_b0195
  article-title: Mathematical model for low-rate dos attacks against application servers
  publication-title: IEEE Transactions on Information Forensics and Security
  doi: 10.1109/TIFS.2009.2024719
– ident: 10.1016/j.ins.2021.02.038_b0245
– volume: 20
  issue: 10
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0045
  article-title: Slowite, a novel denial of service attack affecting mqtt
  publication-title: Sensors
  doi: 10.3390/s20102932
– volume: 14
  start-page: 98
  issue: 6
  year: 2017
  ident: 10.1016/j.ins.2021.02.038_b0190
  article-title: Low-rate dos attack flows filtering based on frequency spectral analysis
  publication-title: China Communications
  doi: 10.1109/CC.2017.7961367
– volume: 13
  start-page: 559
  issue: 5
  year: 2015
  ident: 10.1016/j.ins.2021.02.038_b0080
  article-title: Low-rate dos attacks detection based on network multifractal
  publication-title: IEEE Transactions on Dependable and Secure Computing
  doi: 10.1109/TDSC.2015.2443807
– volume: 344
  start-page: 1492
  issue: 6191
  year: 2014
  ident: 10.1016/j.ins.2021.02.038_b0225
  article-title: Clustering by fast search and find of density peaks
  publication-title: Science
  doi: 10.1126/science.1242072
– volume: 152
  start-page: 64
  year: 2019
  ident: 10.1016/j.ins.2021.02.038_b0170
  article-title: Sequence alignment detection of tcp-targeted synchronous low-rate dos attacks
  publication-title: Computer Networks
  doi: 10.1016/j.comnet.2019.01.031
– volume: 14
  start-page: 3547
  issue: 3
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0140
  article-title: A lightweight privacy-preserving authentication protocol for vanets
  publication-title: IEEE Systems Journal
  doi: 10.1109/JSYST.2020.2991168
– volume: 89
  start-page: 685
  year: 2018
  ident: 10.1016/j.ins.2021.02.038_b0050
  article-title: An early detection of low rate ddos attack to sdn based data center networks using information distance metrics
  publication-title: Future Generation Computer Systems
  doi: 10.1016/j.future.2018.07.017
– volume: 9
  start-page: 1069
  issue: 7
  year: 2014
  ident: 10.1016/j.ins.2021.02.038_b0200
  article-title: On a mathematical model for low-rate shrew ddos
  publication-title: IEEE Transactions on Information Forensics and Security
  doi: 10.1109/TIFS.2014.2321034
– volume: 60
  start-page: 983
  year: 2016
  ident: 10.1016/j.ins.2021.02.038_b0230
  article-title: Density-ratio based clustering for discovering clusters with varying densities
  publication-title: Pattern Recognition
  doi: 10.1016/j.patcog.2016.07.007
– volume: 86
  start-page: 211
  issue: 1
  year: 2013
  ident: 10.1016/j.ins.2021.02.038_b0185
  article-title: Chaos-based detection of ldos attacks
  publication-title: Journal of Systems and Software
  doi: 10.1016/j.jss.2012.07.065
– start-page: 75
  year: 2003
  ident: 10.1016/j.ins.2021.02.038_b0010
  article-title: Low-rate tcp-targeted denial of service attacks: the shrew vs. the mice and elephants
– volume: 3
  start-page: 80
  issue: 1
  year: 2014
  ident: 10.1016/j.ins.2021.02.038_b0035
  article-title: Stealthy denial of service strategy in cloud computing
  publication-title: IEEE Transactions on Cloud Computing
  doi: 10.1109/TCC.2014.2325045
– start-page: 1
  year: 2019
  ident: 10.1016/j.ins.2021.02.038_b0030
  article-title: Low-high burst: a double potency varying-rtt based full-buffer shrew attack model
  publication-title: IEEE Transactions on Dependable and Secure Computing
– volume: 106
  start-page: 347
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0115
  article-title: Mf-adaboost: Ldos attack detection based on multi-features and improved adaboost
  publication-title: Future Generation Computer Systems
  doi: 10.1016/j.future.2019.12.034
– start-page: 209
  year: 2013
  ident: 10.1016/j.ins.2021.02.038_b0160
  article-title: A study of ldos flows variations based on similarity measurement
– volume: 513
  start-page: 429
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0120
  article-title: Data imbalance in classification: Experimental evaluation
  publication-title: Information Sciences
  doi: 10.1016/j.ins.2019.11.004
– volume: 73
  start-page: 84
  year: 2019
  ident: 10.1016/j.ins.2021.02.038_b0175
  article-title: A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method
  publication-title: Computers & Electrical Engineering
  doi: 10.1016/j.compeleceng.2018.11.004
– volume: 102
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0130
  article-title: Wedms: An advanced mean shift clustering algorithm for ldos attacks detection
  publication-title: Ad Hoc Networks
  doi: 10.1016/j.adhoc.2020.102145
– volume: 7
  start-page: 1
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0110
  article-title: Mf-cnn: a new approach for ldos attack detection based on multi-feature fusion and cnn
  publication-title: Mobile Networks and Applications
– volume: 509
  start-page: 47
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0135
  article-title: Neighbourhood-based undersampling approach for handling imbalanced and overlapped data
  publication-title: Information Sciences
  doi: 10.1016/j.ins.2019.08.062
– volume: 150
  start-page: 234
  year: 2019
  ident: 10.1016/j.ins.2021.02.038_b0060
  article-title: Introducing the slowdrop attack
  publication-title: Computer Networks
  doi: 10.1016/j.comnet.2019.01.007
– ident: 10.1016/j.ins.2021.02.038_b0020
  doi: 10.1109/INFCOM.2005.1498361
– ident: 10.1016/j.ins.2021.02.038_b0220
– volume: 30
  start-page: e2993
  issue: 4
  year: 2017
  ident: 10.1016/j.ins.2021.02.038_b0085
  article-title: An adaptive kpca approach for detecting ldos attack
  publication-title: International Journal of Communication Systems
  doi: 10.1002/dac.2993
– volume: 11
  start-page: 101
  issue: 13
  year: 2014
  ident: 10.1016/j.ins.2021.02.038_b0025
  article-title: A novel distributed ldos attack scheme against internet routing
  publication-title: China Communications
  doi: 10.1109/CC.2014.7022532
– year: 2004
  ident: 10.1016/j.ins.2021.02.038_b0065
  article-title: Rfc3782: The newreno modification to tcp’s fast recovery algorithm
  publication-title: IETF
– volume: 513
  start-page: 386
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0145
  article-title: A hybrid deep learning model for efficient intrusion detection in big data environment
  publication-title: Information Sciences
  doi: 10.1016/j.ins.2019.10.069
– volume: 479
  start-page: 456
  year: 2019
  ident: 10.1016/j.ins.2021.02.038_b0210
  article-title: Modeling and clustering attacker activities in iot through machine learning techniques
  publication-title: Information Sciences
  doi: 10.1016/j.ins.2018.04.065
– year: 2000
  ident: 10.1016/j.ins.2021.02.038_b0070
  article-title: Rfc2988: computing tcp’s retransmission timer
  publication-title: IETF
– volume: 124
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0105
  article-title: Application of intrusion detection technology in network safety based on machine learning
  publication-title: Safety Science
  doi: 10.1016/j.ssci.2020.104604
– volume: 2014
  issue: 7
  year: 2014
  ident: 10.1016/j.ins.2021.02.038_b0165
  article-title: Adaptive ewma method based on abnormal network traffic for ldos attacks
  publication-title: Mathematical Problems in Engineering
– volume: 4
  issue: 6
  year: 2014
  ident: 10.1016/j.ins.2021.02.038_b0150
  article-title: Low rate denial of service (ldos) attack–a survey
  publication-title: International Journal of Emerging Technology and Advanced Engineering
– volume: 4
  start-page: 749
  issue: 4
  year: 2016
  ident: 10.1016/j.ins.2021.02.038_b0205
  article-title: Sustainability of service provisioning systems under stealth dos attacks
  publication-title: IEEE Transactions on Control of Network Systems
  doi: 10.1109/TCNS.2016.2550858
– volume: 72
  start-page: 255
  year: 2018
  ident: 10.1016/j.ins.2021.02.038_b0055
  article-title: Slow rate denial of service attacks against http/2 and detection
  publication-title: Computers & Security
  doi: 10.1016/j.cose.2017.09.009
– volume: 6
  start-page: 426
  issue: 2
  year: 2011
  ident: 10.1016/j.ins.2021.02.038_b0090
  article-title: Low-rate ddos attacks detection and traceback by using new information metrics
  publication-title: IEEE Transactions on Information Forensics and Security
  doi: 10.1109/TIFS.2011.2107320
– ident: 10.1016/j.ins.2021.02.038_b0250
– start-page: 187
  year: 2000
  ident: 10.1016/j.ins.2021.02.038_b0075
  article-title: General aimd congestion control
– volume: 7
  start-page: 32853
  year: 2019
  ident: 10.1016/j.ins.2021.02.038_b0040
  article-title: A novel low-rate denial of service attack detection approach in zigbee wireless sensor network by combining hilbert-huang transformation and trust evaluation
  publication-title: IEEE Access
  doi: 10.1109/ACCESS.2019.2903816
– ident: 10.1016/j.ins.2021.02.038_b0235
  doi: 10.1145/3183713.3196887
– volume: 39
  start-page: 1456
  issue: 6
  year: 2011
  ident: 10.1016/j.ins.2021.02.038_b0155
  article-title: The detection of ldos attack based on the model of small signal
  publication-title: Dianzi Xuebao(Acta Electronica Sinica)
– volume: 2015
  year: 2015
  ident: 10.1016/j.ins.2021.02.038_b0095
  article-title: Accurately identifying new qos violation driven by high-distributed low-rate denial of service attacks based on multiple observed features
  publication-title: Journal of Sensors
  doi: 10.1155/2015/465402
– year: 2005
  ident: 10.1016/j.ins.2021.02.038_b0015
  article-title: On a New Class of Pulsing Denial-of-Service Attacks and the Defense
– start-page: 92
  year: 2018
  ident: 10.1016/j.ins.2021.02.038_b0125
  article-title: Low-rate dos attack detection based on two-step cluster analysis
– volume: 66
  start-page: 1137
  issue: 9
  year: 2006
  ident: 10.1016/j.ins.2021.02.038_b0180
  article-title: Collaborative detection and filtering of shrew ddos attacks using spectral analysis
  publication-title: Journal of Parallel and Distributed Computing
  doi: 10.1016/j.jpdc.2006.04.007
– volume: 136
  start-page: 80
  year: 2018
  ident: 10.1016/j.ins.2021.02.038_b0100
  article-title: Power spectrum entropy based detection and mitigation of low-rate dos attacks
  publication-title: Computer Networks
  doi: 10.1016/j.comnet.2018.02.029
– ident: 10.1016/j.ins.2021.02.038_b0240
– volume: 6
  start-page: 504
  year: 2020
  ident: 10.1016/j.ins.2021.02.038_b0215
  article-title: The detection method of low-rate dos attack based on multi-feature fusion
  publication-title: Digital Communications and Networks
  doi: 10.1016/j.dcan.2020.04.002
– ident: 10.1016/j.ins.2021.02.038_b0005
SSID ssj0004766
Score 2.4769707
Snippet Low-rate denial-of-service (DoS) attacks, which can exploit vulnerabilities in Internet protocols to deteriorate the quality of service, are variants of DoS...
SourceID crossref
elsevier
SourceType Enrichment Source
Index Database
Publisher
StartPage 229
SubjectTerms Attack detection
Cosine similarity
Low-rate DoS
Network traffic analysis
SADBSCAN
Title The detection of low-rate DoS attacks using the SADBSCAN algorithm
URI https://dx.doi.org/10.1016/j.ins.2021.02.038
Volume 565
WOSCitedRecordID wos000653661400014&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVESC
  databaseName: ScienceDirect Freedom Collection - Elsevier
  customDbUrl:
  eissn: 1872-6291
  dateEnd: 99991231
  omitProxy: false
  ssIdentifier: ssj0004766
  issn: 0020-0255
  databaseCode: AIEXJ
  dateStart: 19950101
  isFulltext: true
  titleUrlDefault: https://www.sciencedirect.com
  providerName: Elsevier
link http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV1Nb9QwELXQlgMcEBQQBYp8QByoLMVeJ7aPW1oEHCqkXcTeIsdxINWSLbspLf-ecWwnoXwIkLhEURQn0cyLPTOeeYPQ00KXKitESQy3jHBlKCk4VaRKZVGJQnFZ6a7ZhDg5kculehtyVbddOwHRNPLyUp39V1XDNVC2K539C3X3D4ULcA5KhyOoHY5_rPjSttZEW3C1viCOEAKM5fmBbltXVX9wvo11UvPZ0eHc9X3Uqw_rTd1-_DQ2WEO5UvessFr2VvgixJqPBoQN8ef6cz2kDoQKEHjlxVB69j7cuqy_BvrvEH1gtM9UDSGxWBbzXdams0GJc1b8IuNnVikYyZhvzRWn3jRLx5NniH34dZh5Js4fpngfbTgFv8SxrTNPueoZYq4wZ7uN6M5nYo5oSrqS8B0mUiUnaGf2-nj5ZiigFX5TO3533P7uEgGvvOjnBszIKFncRreCN4FnHgV30DXb7KKbI47JXbQfKlPwMzzSJQ5z-l10CHjBPV7wusIRLxjwggNecIcXDHjBES-4x8s99O7l8eLFKxIaaxDDlGiJTWVZaEq1EiopXfslUUoxzbRlJim55lNdaSq0LHlqaFVlmWZuaTA0A4cW1sj7aNKsG_sAYWuSTr6WpoKDGMHets4oloLb6ZQneyiJ0spNYJ13zU9WeUwvPM1BwLkTcJ6wHAS8h573Q8485crvbuZRBXn4C7wtmANefj3s4b8Ne4RuDD_BYzRpN-d2H103X9p6u3kSUPUNBK6KmQ
linkProvider Elsevier
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=The+detection+of+low-rate+DoS+attacks+using+the+SADBSCAN+algorithm&rft.jtitle=Information+sciences&rft.au=Tang%2C+Dan&rft.au=Zhang%2C+Siqi&rft.au=Chen%2C+Jingwen&rft.au=Wang%2C+Xiyin&rft.date=2021-07-01&rft.pub=Elsevier+Inc&rft.issn=0020-0255&rft.eissn=1872-6291&rft.volume=565&rft.spage=229&rft.epage=247&rft_id=info:doi/10.1016%2Fj.ins.2021.02.038&rft.externalDocID=S0020025521001808
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0020-0255&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0020-0255&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0020-0255&client=summon