TY - GEN
T1 - Detecting denial of service attacks with Bayesian classifiers and the random neural network
AU - Öke, Gülay
AU - Loukas, George
AU - Gelenbe, Erol
PY - 2007
Y1 - 2007
N2 - Denial of Service (DoS) is a prevalent threat in today's networks. While such an attack is not difficult to launch, defending a network resource against it is disproportionately difficult, and despite the extensive research in recent years, DoS attacks continue to harm. The first goal of any protection scheme against DoS is the detection of its existence, ideally long before the destructive traffic build-up. In this paper we propose a generic approach which uses multiple Bayesian classifiers, and we present and compare four different implementations of it, combining likelihood estimation and the Random Neural Network (RNN). The RNNs are biologically inspired structures which represent the true functioning of a biophysical neural network, where the signals travel as spikes rather than analog signals. We use such an RNN structure to fuse real-time networking statistical data and distinguish between normal and attack traffic during a DoS attack. We present experimental results obtained for different traffic data in a large networking testbed.
AB - Denial of Service (DoS) is a prevalent threat in today's networks. While such an attack is not difficult to launch, defending a network resource against it is disproportionately difficult, and despite the extensive research in recent years, DoS attacks continue to harm. The first goal of any protection scheme against DoS is the detection of its existence, ideally long before the destructive traffic build-up. In this paper we propose a generic approach which uses multiple Bayesian classifiers, and we present and compare four different implementations of it, combining likelihood estimation and the Random Neural Network (RNN). The RNNs are biologically inspired structures which represent the true functioning of a biophysical neural network, where the signals travel as spikes rather than analog signals. We use such an RNN structure to fuse real-time networking statistical data and distinguish between normal and attack traffic during a DoS attack. We present experimental results obtained for different traffic data in a large networking testbed.
UR - http://www.scopus.com/inward/record.url?scp=50249125438&partnerID=8YFLogxK
U2 - 10.1109/FUZZY.2007.4295666
DO - 10.1109/FUZZY.2007.4295666
M3 - Conference contribution
AN - SCOPUS:50249125438
SN - 1424412102
SN - 9781424412105
T3 - IEEE International Conference on Fuzzy Systems
BT - 2007 IEEE International Conference on Fuzzy Systems, FUZZY
T2 - 2007 IEEE International Conference on Fuzzy Systems, FUZZY
Y2 - 23 July 2007 through 26 July 2007
ER -