TY - GEN
T1 - Likelihood ratios and recurrent random neural networks in detection of Denial of Service attacks
AU - Loukas, Georgios
AU - Öke, Gülay
PY - 2007
Y1 - 2007
N2 - In a world that is becoming increasingly dependent on Internet communication, Denial of Service (DoS) attacks have evolved into a major security threat which is easy to launch but difficult to defend against. In order for DoS countermeasures to be effective, the attack must be detected early and accurately. In this paper we propose a DoS detection technique based on observation of the incoming traffic and a combination of traditional likelihood estimation with a recurrent random neural network (r-RNN) structure. We select input features that describe essential information on the incoming traffic and evaluate the likelihood ratios for each input, to fuse them with a r-RNN. We evaluate the performance of our method in terms of false alarm and correct detection rates with experiments on a large networking testbed, for a variety of input traffic.
AB - In a world that is becoming increasingly dependent on Internet communication, Denial of Service (DoS) attacks have evolved into a major security threat which is easy to launch but difficult to defend against. In order for DoS countermeasures to be effective, the attack must be detected early and accurately. In this paper we propose a DoS detection technique based on observation of the incoming traffic and a combination of traditional likelihood estimation with a recurrent random neural network (r-RNN) structure. We select input features that describe essential information on the incoming traffic and evaluate the likelihood ratios for each input, to fuse them with a r-RNN. We evaluate the performance of our method in terms of false alarm and correct detection rates with experiments on a large networking testbed, for a variety of input traffic.
KW - Bayesian decision taking
KW - Denial of service
KW - Intrusion detection
KW - Network security
KW - Recurrent random neural networks
UR - http://www.scopus.com/inward/record.url?scp=84870227311&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84870227311
SN - 9781622763559
T3 - International Symposium on Performance Evaluation of Computer and Telecommunication Systems 2007, SPECTS'07, Part of the 2007 Summer Simulation Multiconference, SummerSim'07
SP - 608
EP - 615
BT - International Symposium on Performance Evaluation of Computer and Telecommunication Systems 2007, SPECTS'07, Part of the 2007 Summer Simulation Multiconference, SummerSim'07
T2 - International Symposium on Performance Evaluation of Computer and Telecommunication Systems 2007, SPECTS 2007, Part of the 2007 Summer Simulation Multiconference, SummerSim 2007
Y2 - 15 July 2007 through 18 July 2007
ER -