Volume 12, Number 18, October 2022

F-low: A Promising Countermeasure Against DDoS Attacks based on Split Sketch and PCA

  Authors

Fei Wang, Zhenxing Li and Xiaofeng Wang, National University of Defense Technology, China

  Abstract

Distributed Denial of Service (DDoS) is Achilles' heel of cloud security. This paper thus focuses on detection of such attack, and more importantly, victim identification to promote attack reaction. We present a collaborative system, called F-LOW. Profiting from bitwise-based hash function, split sketch, and lightweight IP reconstruction, F-LOW can defeat shortcomings of principle component analysis (PCA) and regular sketch. Outperforming previous work, our system fits all Four-LOW properties, low profile, low dimensional, low overhead and low transmission, of a promising DDoS countermeasure. Through simulation and theoretical analysis, we demonstrate such properties and remarkable efficacy of our approach in DDoS mitigation.

  Keywords

DDoS detection, victim identification, principle component analysis, split sketch, bitwise-based hash.