FORECASTING DISTRIBUTED DENIAL OF SERVICE ATTACK USING HIDDEN MARKOV MODEL
Abstract
Distributed denial of service (DDoS) attack bombards the network with loads of packets and requests that consumes the system resources in terms of time, memory, and processors. This paper presents a proposed method for forecasting DDoS in networks. The proposed model employs hidden Markov model (HMM) to forecast DDoS attacks. The method uses the inherent characteristic features of DDoS to determine the observable states of the system. To avoid intractable computations, Kullback-Leibler divergence algorithm was employed to reduce the number of observable states to three. The proposed model is formulated and trained through experiments using DARPA 2000 data set and the preliminary results shows that the characteristic features of the DDoS and the entropy concept can be used to formulate an HMM to predict DDoS.