{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,14]],"date-time":"2025-05-14T02:43:47Z","timestamp":1747190627481,"version":"3.40.5"},"reference-count":24,"publisher":"Wiley","license":[{"start":{"date-parts":[[2021,7,27]],"date-time":"2021-07-27T00:00:00Z","timestamp":1627344000000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Ministry of Education of China and China Mobile","award":["MCM20180506"],"award-info":[{"award-number":["MCM20180506"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2021,7,27]]},"abstract":"<jats:p>With the great changes in network scale and network topology, the difficulty of DDoS attack detection increases significantly. Most of the methods proposed in the past rarely considered the real-time, adaptive ability, and other practical issues in the real-world network attack detection environment. In this paper, we proposed a real-time adaptive DDoS attack detection method RT-SAD, based on the response to the external network when attacked. We designed a feature extraction method based on sketch and an adaptive updating algorithm, which makes the method suitable for the high-speed network environment. Experiment results show that our method can detect DDoS attacks using sampled Netflowunder high-speed network environment, with good real-time performance, low resource consumption, and high detection accuracy.<\/jats:p>","DOI":"10.1155\/2021\/9409473","type":"journal-article","created":{"date-parts":[[2021,7,28]],"date-time":"2021-07-28T21:50:08Z","timestamp":1627509008000},"page":"1-10","source":"Crossref","is-referenced-by-count":0,"title":["RT-SAD: Real-Time Sketch-Based Adaptive DDoS Detection for ISP Network"],"prefix":"10.1155","volume":"2021","author":[{"given":"Haibin","family":"Shi","sequence":"first","affiliation":[{"name":"School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China"},{"name":"Key Laboratory of Computer Network and Information Integration, Southeast University, Ministry of Education, Nanjing 21189, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8642-4362","authenticated-orcid":true,"given":"Guang","family":"Cheng","sequence":"additional","affiliation":[{"name":"School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China"},{"name":"Key Laboratory of Computer Network and Information Integration, Southeast University, Ministry of Education, Nanjing 21189, China"}]},{"given":"Ying","family":"Hu","sequence":"additional","affiliation":[{"name":"School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China"},{"name":"Key Laboratory of Computer Network and Information Integration, Southeast University, Ministry of Education, Nanjing 21189, China"}]},{"given":"Fuzhou","family":"Wang","sequence":"additional","affiliation":[{"name":"School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China"},{"name":"Key Laboratory of Computer Network and Information Integration, Southeast University, Ministry of Education, Nanjing 21189, China"}]},{"given":"Haoxuan","family":"Ding","sequence":"additional","affiliation":[{"name":"School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China"},{"name":"Key Laboratory of Computer Network and Information Integration, Southeast University, Ministry of Education, Nanjing 21189, China"}]}],"member":"311","reference":[{"key":"1","doi-asserted-by":"publisher","DOI":"10.1155\/2021\/5597679"},{"article-title":"Part I: retrospective 2020: DDoS was back-bigger and badder than ever before","year":"2021","author":"T. Emmons","key":"2"},{"article-title":"Akamai mitigates sophisticated 1.44 Tbps and 385 Mpps DDoS attack","year":"2020","author":"L. Jakober","key":"3"},{"article-title":"FBI warns of new DDoS attack vectors: CoAP, WS-DD, ARMS, and Jenkins","year":"2020","author":"C. Cimpanu","key":"4"},{"article-title":"Hping3 package description","year":"2019","author":"Kalitool","key":"5"},{"article-title":"Loic a network stress testing application","year":"2019","author":"abatishchev","key":"6"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1145\/3139937.3139954"},{"article-title":"FDDA: a framework for fast detecting source attack in web application DDoS attack","author":"T. M. Thang","key":"8","doi-asserted-by":"crossref","DOI":"10.1145\/3155133.3155173"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2021.3054522"},{"article-title":"Joint entropy analysis model for DDoS attack detection","author":"H. Rahmani","key":"10","doi-asserted-by":"crossref","DOI":"10.1109\/IAS.2009.298"},{"key":"11","article-title":"DDAM: detecting DDoS attacks using machine learning approach","volume-title":"Computational Intelligence: Theories, Applications and Future Directions-Volume I","author":"K. Narasimha Mallikarjunan","year":"2017"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1016\/j.jksuci.2019.02.003"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1109\/isbast.2014.7013133"},{"key":"14","doi-asserted-by":"crossref","first-page":"410","DOI":"10.7763\/IJET.2017.V9.1008","article-title":"Detection and defense algorithms of different types of DDoS attacks","volume":"9","author":"M. A. M. Yusof","year":"2017","journal-title":"International Journal of Engineering and Technology"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2019.10.015"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1109\/cloudtech.2017.8284731"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1109\/milcom.2018.8599738"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1155\/2019\/1574749"},{"key":"19","doi-asserted-by":"publisher","DOI":"10.1007\/s10489-018-1141-2"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1109\/esci48226.2020.9167642"},{"author":"P. S. Saini","key":"21","article-title":"Detection of DDoS attacks using machine learning algorithms"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1109\/spw.2018.00013"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1109\/smartcomp.2017.7946998"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1080\/00401706.1962.10490022"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/9409473.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/9409473.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/9409473.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,7,28]],"date-time":"2021-07-28T21:50:11Z","timestamp":1627509011000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2021\/9409473\/"}},"subtitle":[],"editor":[{"given":"Weiwei","family":"Liu","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2021,7,27]]},"references-count":24,"alternative-id":["9409473","9409473"],"URL":"https:\/\/doi.org\/10.1155\/2021\/9409473","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"type":"electronic","value":"1939-0122"},{"type":"print","value":"1939-0114"}],"subject":[],"published":{"date-parts":[[2021,7,27]]}}}