Distinguishing between FE and DDoS using randomness check

Hyundo Park, Peng Li, Debin Gao, Heejo Lee, Robert H. Deng

Research output: Chapter in Book/Report/Conference proceedingConference contribution

21 Citations (Scopus)


Threads posed by Distributed Denial of Service (DDoS) attacks are becoming more serious day by day. Accurately detecting DDoS becomes an important and necessary step in securing a computer network. However, Flash Event (FE), which is created by legitimate requests, shares very similar characteristics with DDoS in many aspects and makes it hard to be distinguished from DDoS attacks. In this paper, we propose a simple yet effective mechanism called FDD (FE and DDoS Distinguisher) to distinguish FE and DDoS. To the best of our knowledge, this is the first effective and practical mechanism that distinguishes FE and DDoS attacks. Our trace-driven evaluation shows that FDD distinguishes between FE and DDoS attacks accurately and efficiently by utilizing only memory of a very small size, making it possible to be implemented on high-speed networking devices.

Original languageEnglish
Title of host publicationInformation Security - 11th International Conference, ISC 2008, Proceedings
Number of pages15
Publication statusPublished - 2008
Event11th International Conference on Information Security, ISC 2008 - Taipei, Taiwan, Province of China
Duration: 2008 Sept 152008 Sept 18

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5222 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other11th International Conference on Information Security, ISC 2008
Country/TerritoryTaiwan, Province of China

Bibliographical note

Funding Information:
This research was supported by the MIC, Korea, under the ITRC support program supervised by the IITA(IITA-2008-(C1090-0801-0016)), the IT R&D program of MKE/IITA(2008-S-026-01) and partially supported by Defense Acquisition Program Administration and Agency for Defense Development under the contract(2008-SW-51-IM-02).


  • Distributed Denial of Service
  • Flash Event
  • Network Security
  • Randomness Check

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Distinguishing between FE and DDoS using randomness check'. Together they form a unique fingerprint.

Cite this