Detecting SYN flood attacks via statistical monitoring charts: A comparative study

Bouyeddou, Benamar; Harrou, Fouzi; Sun, Ying; Kadri, Benamar

doi:10.1109/icee-b.2017.8192118

Cited by 16 publications

(9 citation statements)

References 14 publications

(13 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Nowadays, DOS and DDOS attacks are becoming a major risk that seriously affects internet service availability around the world. The main objective behind DOS and DDOS attacks is to exhaust the targeted victim's resources in such a way to render them inaccessible to their legitimate users [32]. Figure 1 shows an example of DDOS attacks.…”

Section: Icmp Smurf Attacksmentioning

confidence: 99%

Detection of smurf flooding attacks using Kullback-Leibler-based scheme

Bouyeddou

Harrou

Sun

et al. 2018

2018 4th International Conference on Computer and Technology Applications (ICCTA)

Self Cite

View full text Add to dashboard Cite

Reliable and timely detection of cyber attacks become indispensable to protect networks and systems. Internet control message protocol (ICMP) flood attacks are still one of the most challenging threats in both IPv4 and IPv6 networks. This paper proposed an approach based on Kullback-Leibler divergence (KLD) to detect ICMP-based Denial Of service (DOS) and Distributed Denial Of Service (DDOS) flooding attacks. This is motivated by the high capacity of KLD to quantitatively discriminate between two distributions. Here, the three-sigma rule is applied to the KLD distances for anomaly detection. We evaluated the effectiveness of this scheme by using the 1999 DARPA Intrusion Detection Evaluation Datasets.

show abstract

Section: Icmp Smurf Attacksmentioning

confidence: 99%

Detection of smurf flooding attacks using Kullback-Leibler-based scheme

Bouyeddou

Harrou

Sun

et al. 2018

2018 4th International Conference on Computer and Technology Applications (ICCTA)

Self Cite

View full text Add to dashboard Cite

show abstract

“…In today's interconnected culture, everybody profits from innovative data security strategies. Cyber threat relates to the body of techniques, procedures and strategies designed to avoid malicious access to the systems, computers and software's [1]. Incorporating efficient security protocols is exceptionally difficult today as there are numerous computer systems than humans and hackers have become more inventive.…”

Section: Introductionmentioning

confidence: 99%

Identification of DOS Attack by implementing SYN Flood Attack and considering CPU Load Analysis

Solanki¹,

Solanki²

2020

IRJASH

View full text Add to dashboard Cite

The stupendous utilization of the web and its entrepreneurial inclination is growing the prevalence to enhance cyber threats occurrence. The absolute identification of virtual-harassment plays a critical role in safeguarding computer systems. Assessment of safety concerns when recognizing a convergence between internet-security and network equipment is vital. To construct a robust infrastructure, the requisite of a cyber-safety methodology is integral. For example, if efficacious cyber-threat takes place then it significantly enhances the power usage of the database and solely impacts its hardware elements. This article provides a glimpse into a DOS intrusion and its stronger links between CPU utilization and absorbed resources, which is one of the most critical admonitions and intimidate features of the machine. DOS threat loads the network with congestion by implementing perilous data that will disrupt the machine by incorporating an estimated excessive energy usage imbibed by a Processor. According to the elevated mechanism, the identification of the SYN flood intrusion is addressed, which is the utmost prevalent DOS attack. In this methodology, this prominent attack is identified by incorporating Wireshark tools. The surveilling and sorting online flood vulnerabilities like SYN by extending a precise intrusion detection model for the safeguarding of data as well as cybersecurity to make the structure sustainable is implemented.

show abstract

“…Computer networks and internet are continuously exposed to many viruses and cyber-attacks [1], [2]. Denial of service and distributed denial of service (i.e., DOS and DDOS) attacks attemp to disrupt networks' availability and suspend the usability of their hosted services [3]. In last few years, several cyberattacks were performed against different targets, such as the American presidential election, the Rio De Janero Olympics games, the US Domain Name System (DYN), the Russian Banking System, Qatar News Agency, the US department of defense, the Android users, the NSA and the German armed forces [4].…”

Section: Introductionmentioning

confidence: 99%

Detecting cyber-attacks using a CRPS-based monitoring approach

Harrou

Bouyeddou

Sun

et al. 2018

2018 IEEE Symposium Series on Computational Intelligence (SSCI)

Self Cite

View full text Add to dashboard Cite

Cyber-attacks can seriously affect the security of computers and network systems. Thus, developing an efficient anomaly detection mechanism is crucial for information protection and cyber security. To accurately detect TCP SYN flood attacks, two statistical schemes based on the continuous ranked probability score (CRPS) metric have been designed in this paper. Specifically, by integrating the CRPS measure with two conventional charts, Shewhart and the exponentially weighted moving average (EWMA) charts, novel anomaly detection strategies were developed: CRPS-Shewhart and CRPS-EWMA. The efficiency of the proposed methods has been verified using the 1999 DARPA intrusion detection evaluation datasets.

show abstract

Detecting SYN flood attacks via statistical monitoring charts: A comparative study

Cited by 16 publications

References 14 publications

Detection of smurf flooding attacks using Kullback-Leibler-based scheme

Detection of smurf flooding attacks using Kullback-Leibler-based scheme

Identification of DOS Attack by implementing SYN Flood Attack and considering CPU Load Analysis

Detecting cyber-attacks using a CRPS-based monitoring approach

Contact Info

Product

Resources

About