A denial of service detector based on maximum likelihood detection and the random neural network

Gülay Öke*, Georgios Loukas

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

43 Citations (Scopus)

Abstract

Due to the simplicity of the concept and the availability of attack tools, launching a DoS attack is relatively easy, while defending a network resource against it is disproportionately difficult. The first step of a protection scheme against DoS must be the detection of its existence, ideally before the destructive traffic build-up. In this paper we propose a DoS detection approach which uses the maximum likelihood criterion with the random neural network (RNN). Our method is based on measuring various instantaneous and statistical variables describing the incoming network traffic, acquiring a likelihood estimation and fusing the information gathered from the individual input features using likelihood averaging and different architectures of RNNs. We present and compare seven variations of it and evaluate our experimental results obtained in a large networking testbed.

Original languageEnglish
Pages (from-to)717-727
Number of pages11
JournalComputer Journal
Volume50
Issue number6
DOIs
Publication statusPublished - Nov 2007
Externally publishedYes

Keywords

  • Denial of service
  • Intrusion detection
  • Maximum likelihood detection criterion
  • Network security
  • Random neural networks

Fingerprint

Dive into the research topics of 'A denial of service detector based on maximum likelihood detection and the random neural network'. Together they form a unique fingerprint.

Cite this