Detecting SYN flood attacks via statistical monitoring charts: A comparative study

Handle URI:
http://hdl.handle.net/10754/626839
Title:
Detecting SYN flood attacks via statistical monitoring charts: A comparative study
Authors:
Bouyeddou, Benamar; Harrou, Fouzi; Sun, Ying (0000-0001-6703-4270); Kadri, Benamar
Abstract:
Accurate detection of cyber-attacks plays a central role in safeguarding computer networks and information systems. This paper addresses the problem of detecting SYN flood attacks, which are the most popular Denial of Service (DoS) attacks. Here, we compare the detection capacity of three commonly used monitoring charts, namely a Shewhart chart, a Cumulative Sum (CUSUM) control chart and an exponentially weighted moving average (EWMA) chart, in detecting SYN flood attacks. The comparison study is conducted using the publicly available benchmark datasets: the 1999 DARPA Intrusion Detection Evaluation Datasets.
KAUST Department:
Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division; Applied Mathematics and Computational Science Program
Citation:
Bouyeddou B, Harrou F, Sun Y, Kadri B (2017) Detecting SYN flood attacks via statistical monitoring charts: A comparative study. 2017 5th International Conference on Electrical Engineering - Boumerdes (ICEE-B). Available: http://dx.doi.org/10.1109/ICEE-B.2017.8192118.
Publisher:
IEEE
Journal:
2017 5th International Conference on Electrical Engineering - Boumerdes (ICEE-B)
KAUST Grant Number:
OSR-2015-CRG4-2582
Issue Date:
14-Dec-2017
DOI:
10.1109/ICEE-B.2017.8192118
Type:
Conference Paper
Sponsors:
The research reported in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST) Office of Sponsored Research (OSR) under Award No: OSR-2015-CRG4-2582. The authors (Benamar Bouyeddou and Benamar Kadri) would like to thank the STIC Lab, Department of Telecommunications, Abou Bekr Belkaid University for the continued support during the research.
Additional Links:
http://ieeexplore.ieee.org/document/8192118/
Appears in Collections:
Conference Papers; Applied Mathematics and Computational Science Program; Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division

Full metadata record

DC Field | Value | Language
dc.contributor.author | Bouyeddou, Benamar | en
dc.contributor.author | Harrou, Fouzi | en
dc.contributor.author | Sun, Ying | en
dc.contributor.author | Kadri, Benamar | en
dc.date.accessioned | 2018-01-21T07:23:26Z | -
dc.date.available | 2018-01-21T07:23:26Z | -
dc.date.issued | 2017-12-14 | en
dc.identifier.citation | Bouyeddou B, Harrou F, Sun Y, Kadri B (2017) Detecting SYN flood attacks via statistical monitoring charts: A comparative study. 2017 5th International Conference on Electrical Engineering - Boumerdes (ICEE-B). Available: http://dx.doi.org/10.1109/ICEE-B.2017.8192118. | en
dc.identifier.doi | 10.1109/ICEE-B.2017.8192118 | en
dc.identifier.uri | http://hdl.handle.net/10754/626839 | -
dc.description.abstract | Accurate detection of cyber-attacks plays a central role in safeguarding computer networks and information systems. This paper addresses the problem of detecting SYN flood attacks, which are the most popular Denial of Service (DoS) attacks. Here, we compare the detection capacity of three commonly used monitoring charts, namely a Shewhart chart, a Cumulative Sum (CUSUM) control chart and an exponentially weighted moving average (EWMA) chart, in detecting SYN flood attacks. The comparison study is conducted using the publicly available benchmark datasets: the 1999 DARPA Intrusion Detection Evaluation Datasets. | en
dc.description.sponsorship | The research reported in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST) Office of Sponsored Research (OSR) under Award No: OSR-2015-CRG4-2582. The authors (Benamar Bouyeddou and Benamar Kadri) would like to thank the STIC Lab, Department of Telecommunications, Abou Bekr Belkaid University for the continued support during the research. | en
dc.publisher | IEEE | en
dc.relation.url | http://ieeexplore.ieee.org/document/8192118/ | en
dc.rights | (c) 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works. | en
dc.subject | Control charts | en
dc.subject | Electrical engineering | en
dc.subject | Electronic mail | en
dc.subject | Monitoring | en
dc.subject | Web servers | en
dc.title | Detecting SYN flood attacks via statistical monitoring charts: A comparative study | en
dc.type | Conference Paper | en
dc.contributor.department | Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division | en
dc.contributor.department | Applied Mathematics and Computational Science Program | en
dc.identifier.journal | 2017 5th International Conference on Electrical Engineering - Boumerdes (ICEE-B) | en
dc.eprint.version | Post-print | en
dc.contributor.institution | STIC Lab., Department of Telecommunications, Abou Bekr Belkaid University, Tlemcen, Algeria | en
kaust.author | Harrou, Fouzi | en
kaust.author | Sun, Ying | en
kaust.grant.number | OSR-2015-CRG4-2582 | en