Title :
DoS and port scan attack detection in high speed networks
Author :
Hasanifard, Masoud ; Ladani, Behrouz Tork
Author_Institution :
Dept. Of Comput. Eng., Univ. of Isfahan, Isfahan, Iran
Abstract :
One of the necessities of high-speed Internet highways is the use of intrusion detection systems (IDSs). To this end, IDS should be able to process a high volume of traffic with limited resources. IDSs have improved significantly in recent years and they showed acceptable outcomes. However, there is no appropriate solution for high-speed networks. This paper proposes a solution for diagnosing denial of service (DoS) and port scan attacks as a layer of defense. The proposed method attains high speed rate using a parallel data structure to filter out DoS and port scan attacks from network traffic before entering the intrusion detection system. Attack filtering is based on statistical anomaly detection. The experimental results from implementing and evaluating the proposed method show acceptable records in both error rate and speed.
Keywords :
Internet; computer network security; data structures; parallel processing; statistical analysis; telecommunication traffic; DoS; IDS; attack filtering; denial of service attack; high speed networks; high-speed Internet highways; intrusion detection systems; network traffic; parallel data structure; port scan attack detection; statistical anomaly detection; Computer crime; Data structures; Feature extraction; High-speed networks; IP networks; Ports (Computers); Servers; Data stream computing; Denial of service attack; Intrusion detection system; Port scan attack; Statistical anomaly detection;
Conference_Titel :
Information Security and Cryptology (ISCISC), 2014 11th International ISC Conference on
Conference_Location :
Tehran
DOI :
10.1109/ISCISC.2014.6994023
