O. S. Ternovoy
Methods and Means for Early Detecting and Countering Threats to Information Security Breaches as a Result of DDoS Attacks
The paper presents an original algorithm for classifying traffic as bad or legitimate. The algorithm is based on Bayes' theorem and a Bayesian classifier. It makes it possible to obtain training samples, which can be used to train neural networks and various other classifiers, as well as to filter out unwanted traffic.
A software tool for the detection and classification of attacks has been implemented on the basis of the algorithm.
The software tool has been tested in a stress network established on the basis of the ASU computer classes.
Keywords: DDoS attack, bot network, traffic anomaly, DDoS, k-means, statistical analysis.