{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T16:13:40Z","timestamp":1772727220541,"version":"3.50.1"},"reference-count":28,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2018,7,16]],"date-time":"2018-07-16T00:00:00Z","timestamp":1531699200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["EURASIP J. on Info. Security"],"published-print":{"date-parts":[[2018,12]]},"DOI":"10.1186\/s13635-018-0079-6","type":"journal-article","created":{"date-parts":[[2018,7,16]],"date-time":"2018-07-16T14:21:42Z","timestamp":1531750902000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["Detection of spoofed and non-spoofed DDoS attacks and discriminating them from flash crowds"],"prefix":"10.1186","volume":"2018","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6877-960X","authenticated-orcid":false,"given":"Jaideep","family":"Gera","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bhanu Prakash","family":"Battula","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,7,16]]},"reference":[{"key":"79_CR1","first-page":"1","volume":"6","author":"KM Prasad","year":"2010","unstructured":"Prasad, KM, Reddy, ARM, Rao, KV. (2010). Discriminating DDoS attack traffic from flash crowds on Internet Threat Monitors (ITM) using entropy variations. IEEE., 6, 1\u201310.","journal-title":"IEEE."},{"key":"79_CR2","first-page":"1","volume":"6","author":"X Yi","year":"2011","unstructured":"Yi, X, Tang, S, Xiang, Y, Hu, J. (2011). Resisting web proxy-based HTTP attacks by temporal and spatial locality behavior. IEEE., 6, 1\u201311.","journal-title":"IEEE."},{"issue":"2014","key":"79_CR3","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1016\/j.future.2013.08.002","volume":"38","author":"W Zhoua","year":"2014","unstructured":"Zhoua, W, Jia, W, Wenc, S, Xiang, Y, Zhouc, W. (2014). Detection and defense of application-layer DDoS attacks in backbone web traffic. Futur. Gener. Comput. Syst., 38(2014), 36\u201346.","journal-title":"Futur. Gener. Comput. Syst."},{"key":"79_CR4","doi-asserted-by":"publisher","first-page":"385","DOI":"10.1016\/j.neucom.2015.04.101","volume":"172","author":"A Saied","year":"2016","unstructured":"Saied, A, Overill, RE, Radzik, T. (2016). Detection of known and unknown DDoS attacks using Artificial Neural Networks. Neurocomputing, 172, 385\u2013393 Elsevier.","journal-title":"Neurocomputing"},{"key":"79_CR5","first-page":"1","volume-title":"5th International Conference on Communication Systems ans Network Technologies","author":"MH Bhuyan","year":"2015","unstructured":"Bhuyan, MH, Kalwar, A, Bhattacharyya, DK, Kalita, JK (2015). Low-rate and High-rate Distributed DoS Attack Detection Using Partial Rank Correlation. In 5th International Conference on Communication Systems ans Network Technologies, (pp. 1\u20135)."},{"issue":"part B","key":"79_CR6","doi-asserted-by":"publisher","first-page":"366","DOI":"10.1016\/j.cose.2013.09.002","volume":"39","author":"D Seo","year":"2013","unstructured":"Seo, D, Lee, H, Perrig, A. (2013). APFS: Adaptive Probabilistic Filter Scheduling against distributed denial-of-service attacks. Comput. Secur., 39(part B), 366\u2013385 Elsevier.","journal-title":"Comput. Secur."},{"key":"79_CR7","first-page":"287","volume-title":"USENIX Association, NSDI \u201905: 2nd Symposium on Networked Systems Design & Implementation","author":"S Kandula","year":"2012","unstructured":"Kandula, S, Katabi, D, Jacob, M, Berger, A (2012). Botz4Sale: Surviving Organized DDoS Attacks That Mimic Flash Crowds. In USENIX Association, NSDI \u201905: 2nd Symposium on Networked Systems Design & Implementation, (pp. 287\u2013300)."},{"key":"79_CR8","first-page":"1","volume-title":"Detecting distributed denial-of-service attacks and flash events","author":"S Bhatia","year":"2013","unstructured":"Bhatia, S (2013). Detecting distributed denial-of-service attacks and flash events, (pp. 1\u2013238)."},{"key":"79_CR9","first-page":"969","volume-title":"Discriminating DDoS attack traffic from flash crowd through packet arrival patterns","author":"T Thapngam","year":"2012","unstructured":"Thapngam, T, Shui, Y, Zhou, W, Beliakov, G (2012). Discriminating DDoS attack traffic from flash crowd through packet arrival patterns, (pp. 969\u2013974)."},{"key":"79_CR10","doi-asserted-by":"crossref","unstructured":"Mahajan, D, & Sachdeva, M (2013). Distinguishing DDoS Attack and Flash Event using Real- World Datasets with Entropy as an Evaluation Metric. In 2013 International Conference on Machine Intelligence and Research Advancement, (pp. 90\u201394). IEEE.","DOI":"10.1109\/ICMIRA.2013.24"},{"issue":"2","key":"79_CR11","first-page":"53","volume":"6","author":"KM Prasad","year":"2013","unstructured":"Prasad, KM, Reddy, ARM, Rao, KV. (2013). Discriminating DDoS attack traffic from flash crowds on Internet Threat Monitors (ITM) using entropy variations. IEEE., 6(2), 53\u201362.","journal-title":"IEEE."},{"key":"79_CR12","doi-asserted-by":"crossref","unstructured":"Sachdeva, M, & Kumar, K. (2014). A Traffic Cluster Entropy Based Approach to Distinguish DDoS Attacks from Flash Event Using DETER Testbed. ISRN Commun. Netw., 1\u201316.","DOI":"10.1155\/2014\/259831"},{"key":"79_CR13","first-page":"95","volume":"40","author":"S Bhatia","year":"2014","unstructured":"Bhatia, S, Schmidt, D, Mohay, G, Tickle, A. (2014). A framework for generating realistic traffic for distributed denial-of-service attacks and flash events. Science Direct., 40, 95\u2013107.","journal-title":"Science Direct."},{"key":"79_CR14","doi-asserted-by":"publisher","first-page":"212","DOI":"10.1016\/j.physa.2014.06.085","volume":"413","author":"J Pan","year":"2014","unstructured":"Pan, J, Hua, H, Liu, Y. (2014). Human behavior during flash crowd in web surfing. Physica A., 413, 212\u2013219.","journal-title":"Physica A."},{"issue":"4","key":"79_CR15","doi-asserted-by":"publisher","first-page":"238","DOI":"10.1016\/j.vehcom.2015.10.002","volume":"2","author":"A Grzybek","year":"2015","unstructured":"Grzybek, A, Seredynski, M, Danoy, G, Bouvry, P. (2015). Mitigating Flash Crowd Effect Using Connected Vehicle Technology. Veh. Commun., 2(4), 238\u2013250 Elsevier.","journal-title":"Veh. Commun."},{"key":"79_CR16","first-page":"1","volume-title":"IEEE Xplore, Second International Conference on Computational Intelligence & Communication Technology (CICT)","author":"A Rai","year":"2016","unstructured":"Rai, A, & Challa, RK (2016). Survey on Recent DDoS Mitigation Techniques and Comparative Analysis. In IEEE Xplore, Second International Conference on Computational Intelligence & Communication Technology (CICT), (pp. 1\u20137)."},{"issue":"4","key":"79_CR17","doi-asserted-by":"publisher","first-page":"2046","DOI":"10.1109\/SURV.2013.031413.00127","volume":"15","author":"ST Zargar","year":"2013","unstructured":"Zargar, ST, Joshi, J, Tipper, D. (2013). A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks. IEEE Commun. Surv. Tutorials, 15(4), 2046\u20132069.","journal-title":"IEEE Commun. Surv. Tutorials"},{"issue":"1","key":"79_CR18","doi-asserted-by":"crossref","first-page":"616","DOI":"10.37622\/IJAER\/11.1.2016.616-620","volume":"11","author":"G Jaideep","year":"2016","unstructured":"Jaideep, G, & Battula, BP. (2016). Survey on the present state-of-the-art of P2P networks, their security issues and counter measures. Int. J. Appl. Eng. Res., 11(1), 616\u2013620 ISSN 0973\u20134562.","journal-title":"Int. J. Appl. Eng. Res."},{"issue":"c","key":"79_CR19","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.patrec.2014.07.019","volume":"51","author":"MH Bhuyana","year":"2015","unstructured":"Bhuyana, MH, Bhattacharyyab, DK, Kalitac, JK. (2015). An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection. Pattern Recogn. Lett., 51(c), 1\u20137.","journal-title":"Pattern Recogn. Lett."},{"key":"79_CR20","first-page":"8","volume":"26","author":"M Sachdeva a","year":"2016","unstructured":"Sachdeva a, M, Kumar, K, Singh, G. (2016). A comprehensive approach to discriminate DDoS attacks from flash events. J. Inf. Secur. Appl., 26, 8\u201322.","journal-title":"J. Inf. Secur. Appl."},{"key":"79_CR21","first-page":"406","volume-title":"IEEE Xplore, IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security(IDS)","author":"A Little","year":"2016","unstructured":"Little, A, Mountrouidou, X, Moseley, D (2016). Spectral Clustering Technique for Classifying Network Attacks. In IEEE Xplore, IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security(IDS), (pp. 406\u2013411)."},{"key":"79_CR22","doi-asserted-by":"crossref","unstructured":"Aizuddin, AA, Norulazmi, M, Akimi, S (2017). DNS Amplification Attack Detection And Mitigation Via sflow With Security-Centric SDN, (vol. Article.3, pp. 1\u20138). ACM DL, IMCOM\u201917.","DOI":"10.1145\/3022227.3022230"},{"key":"79_CR23","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1016\/j.diin.2017.02.001","volume":"20","author":"DM Divakaran","year":"2017","unstructured":"Divakaran, DM, Fok, KW, Nevat, I, Thing, VLL. (2017). Evidence Gathering For Network Security And Forensics. Digit. Investig., 20, 56\u201365 Elsevier.","journal-title":"Digit. Investig."},{"key":"79_CR24","doi-asserted-by":"publisher","first-page":"513","DOI":"10.1016\/j.asoc.2015.05.019","volume":"34","author":"G Fernandes Jr","year":"2015","unstructured":"Fernandes Jr, G, Rodriguesa, JJPC, Proenc Jr, ML. (2015). Autonomous Profile-Based Anomaly Detection System Using Principal Component Analysis And Flow Analysis. Appl. Soft Comput., 34, 513\u2013525 Elsevier.","journal-title":"Appl. Soft Comput."},{"issue":"2","key":"79_CR25","doi-asserted-by":"publisher","first-page":"791","DOI":"10.1016\/j.jnca.2012.12.005","volume":"36","author":"C Xua","year":"2013","unstructured":"Xua, C, Dua, C, Zhao, GF, Yub, S. (2013). A novel model for user clicks identification based on hidden semi-Markov. J. Netw. Comput. Appl., 36(2), 791\u2013798 Elsevier.","journal-title":"J. Netw. Comput. Appl."},{"issue":"7","key":"79_CR26","doi-asserted-by":"publisher","first-page":"1401","DOI":"10.1109\/TPDS.2012.232","volume":"24","author":"Y Xie","year":"2013","unstructured":"Xie, Y, Tang, S, Xiang, Y, Hu, J. (2013). Resisting Web Proxy-based HTTP Attacks by Temporal and Spatial Locality Behavior. IEEE Trans. Parallel Distrib. Syst., 24(7), 1401\u20131410 Elsevier.","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"79_CR27","first-page":"6036","volume":"5","author":"A Sahi","year":"2017","unstructured":"Sahi, A, Lai, D, Li, Y, Diykh, M. (2017). An Efficient DDoS TCP Flood Attack Detection and Prevention System in a Cloud Environment. IEEE Access, 5, 6036\u20136048.","journal-title":"IEEE Access"},{"key":"79_CR28","first-page":"1","volume-title":"EANN2015 2nd Workshop on Innovative European Policies and Applied Measures for Developing Smart Cities","author":"IM Stephanakis","year":"2015","unstructured":"Stephanakis, IM, Chochliouros, IP, Sfakianakis, E (2015). Anomaly Detection In Secure Cloud Environments Using a Self-Organizing Feature Map (SOFM) Model For Clustering Sets of R-Ordered Vector-Structured Features. In EANN2015 2nd Workshop on Innovative European Policies and Applied Measures for Developing Smart Cities, (pp. 1\u20139)."}],"container-title":["EURASIP Journal on Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-018-0079-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s13635-018-0079-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-018-0079-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,6]],"date-time":"2020-11-06T01:29:44Z","timestamp":1604626184000},"score":1,"resource":{"primary":{"URL":"https:\/\/jis-eurasipjournals.springeropen.com\/articles\/10.1186\/s13635-018-0079-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,7,16]]},"references-count":28,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2018,12]]}},"alternative-id":["79"],"URL":"https:\/\/doi.org\/10.1186\/s13635-018-0079-6","relation":{},"ISSN":["2510-523X"],"issn-type":[{"value":"2510-523X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,7,16]]},"assertion":[{"value":"14 November 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 June 2018","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 July 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The authors declare that they have no competing interests.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}},{"value":"Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Publisher\u2019s Note"}}],"article-number":"9"}}