Advances, Systems and Applications
Table 1 Qualitative comparison of detection against LDoS attacks
From: Low-rate Denial of Service attack detection method based on time-frequency characteristics
Category | Detection method | Applicable attack | Positive rate | False positive rate | Speed | Implementation Complexity | Experimental environment |
|---|---|---|---|---|---|---|---|
Detection methods Based on features | ACK [16] | LDoS/DDoS | High | Low | High | Low | Virtual machine |
Combined features [17] | LDoS | High | Low | Low | Medium | NS-2 | |
MF-DFA [9] | LDoS | High | Low | Low | High | Simulation platform | |
CPR [19] | LDoS& LDDoS | High | Low | Low | Medium | NS-2 | |
Detection methods Based on ML/DL | PCA-SVM [21] | LDoS | High | Low | Medium | Medium | NS-2 |
improved logistic regression [22] | LDoS | High | Low | Low | High | NS-2 | |
SDN-based [23] | LDoS | Low | Low | High | High | Mininet virtual machine | |
NAS-AE [15] | LDoS | Â | Â | Â | Â | NS-2 | |
Detection methods Based on Signal analysis | wavelet analysis [24] | LDoS | Low | High | Low | Low | Simulation platform |
PSD [25] | LDoS&LDDoS | Low | High | High | Low | Real cloud environment | |
Hilbert-Huang Transform [27] | LDoS&LDDoS | High | Low | Low | High | NS-2 | |
spectral analysis [26] | LDoS&DDoS | Low | Low | Medium | High | LoRDAS simulator |