On-line Detection of Distributed Attacks from Space-time Network Flow Patterns

Parametric and non-parametric change detection algorithms are applied to the problem of detecting changes in the direction of traffic flow. The directionality of the change in a network flow is assumed to have an objective or target. The particular problem of detecting distributed denial of service attacks from distributed observations is presented as a working framework. The performance of our change detection algorithms is evaluated via simulations.