Distributed computing technology is widely used by Internet-based business applications. Supply chain management (SCM), customer relationship management (CRM), e-Commerce, and banking are some of the applications employing distributed computing. These applications are the main target to massive attacks known as distributed denial-of-service (DDoS) that cause a denial of service or degradation of services being rendered. The servers that provide reliable services to genuine users in a distributed environment are victims of such attacks that flood fake requests that appear genuine. Flash crowd, on the other hand, is the huge amount of traffic caused by certain flash events (FEs) that mimics DDoS attacks. Detection of DDoS attacks in the wake of flash crowds is a challenging problem to be addressed. The existing solutions are generally meant for either flash crowds or DDoS attacks and more research is needed to have a comprehensive approach for catering to the needs of detection of spoofed and non-spoofed variants of DDoS attacks. This paper proposes a methodology that can detect aforementioned DDoS attacks and differentiate them from flash crowds. NS-2 simulations are carried out on Ubuntu platform for validating the effectiveness of the proposed methodology.

中文翻译：

---

检测欺骗性和非欺骗性的DDoS攻击，并将其与大量用户区分开

分布式计算技术被基于Internet的业务应用程序广泛使用。供应链管理（SCM），客户关系管理（CRM），电子商务和银行业务是采用分布式计算的一些应用程序。这些应用程序是大规模攻击（称为分布式拒绝服务（DDoS））的主要目标，这些攻击导致拒绝服务或所提供服务的性能下降。在分布式环境中为真实用户提供可靠服务的服务器是此类攻击的受害者，这些攻击泛滥了看起来真实的虚假请求。另一方面，闪存人群是由模仿DDoS攻击的某些闪存事件（FE）导致的大量流量。在闪存拥挤之后检测DDoS攻击是需要解决的难题。现有的解决方案通常是针对闪存人群或DDoS攻击的，需要进行更多的研究以提供一种全面的方法来满足对DDoS攻击的欺骗性和非欺骗性变体的检测需求。本文提出了一种方法，可以检测上述DDoS攻击并将其与闪存人群区分开。在Ubuntu平台上进行了NS-2仿真，以验证所提出方法的有效性。