An on-line intrusion detection approach to identify low-rate DoS attacks

Author

Aiello, Marco ; Cambiaso, Enrico ; Mongelli, Maurizio ; Papaleo, Gianluca

Author_Institution

Inst. of Electron., Comput. & Telecommun. Eng., Genoa, Italy

fYear

2014

fDate

13-16 Oct. 2014

Firstpage

1

Lastpage

6

Abstract

This paper addresses the problem of detection of “Slow” Denial of Service attacks. The problem is particularly challenging in virtue of the reduced amount of bandwidth generated by the attacks. A novel detection method is presented, which analyzes specific spectral features of traffic over small time horizons. No packet inspection is required. Extrapolated data refer to real traffic traces, elaborated over the Local Area Network of our Institute. Different kinds of attacks have been considered as well. The results show how the proposed method is reliable and applicable in many other contexts.

Keywords

computer network security; local area networks; telecommunication traffic; extrapolated data; local area network; low-rate DoS attack identification; online intrusion detection approach; slow denial of service attack detection; spectral features; traffic traces; Computer crime; Feature extraction; Measurement; Monitoring; Mutual information; Protocols; Servers; anomaly detection; denial of service; fourier transform; slow dos attack;

fLanguage

English

Publisher

ieee

Conference_Titel

Security Technology (ICCST), 2014 International Carnahan Conference on

Conference_Location

Rome

Print_ISBN

978-1-4799-3530-7

Type

conf

DOI

10.1109/CCST.2014.6987039

Filename

6987039