Detecting SYN flood attacks via statistical monitoring charts: A comparative study

Bouyeddou, Benamar; Harrou, Fouzi; Sun, Ying; Kadri, Benamar

Name:

Detecting SYN flood attacks via ...

Size:

932.4Kb

Format:

PDF

Description:

Accepted Manuscript

Download

Type

Conference Paper

Authors

Bouyeddou, Benamar
Harrou, Fouzi

Sun, Ying

Kadri, Benamar

KAUST Department

Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
Applied Mathematics and Computational Science Program

KAUST Grant Number

OSR-2015-CRG4-2582

Date

2017-12-14

Metadata

Show full item record

Abstract

Accurate detection of cyber-attacks plays a central role in safeguarding computer networks and information systems. This paper addresses the problem of detecting SYN flood attacks, which are the most popular Denial of Service (DoS) attacks. Here, we compare the detection capacity of three commonly monitoring charts namely, a Shewhart chart, a Cumulative Sum (CUSUM) control chart and exponentially weighted moving average (EWMA) chart, in detecting SYN flood attacks. The comparison study is conducted using the publicly available benchmark datasets: the 1999 DARPA Intrusion Detection Evaluation Datasets.

Citation

Bouyeddou B, Harrou F, Sun Y, Kadri B (2017) Detecting SYN flood attacks via statistical monitoring charts: A comparative study. 2017 5th International Conference on Electrical Engineering - Boumerdes (ICEE-B). Available: http://dx.doi.org/10.1109/ICEE-B.2017.8192118.