Detecting SYN flood attacks via statistical monitoring charts: A comparative study
KAUST DepartmentApplied Mathematics and Computational Science Program
Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
KAUST Grant NumberOSR-2015-CRG4-2582
Online Publication Date2017-12-14
Print Publication Date2017-10
Permanent link to this recordhttp://hdl.handle.net/10754/626839
MetadataShow full item record
AbstractAccurate detection of cyber-attacks plays a central role in safeguarding computer networks and information systems. This paper addresses the problem of detecting SYN flood attacks, which are the most popular Denial of Service (DoS) attacks. Here, we compare the detection capacity of three commonly monitoring charts namely, a Shewhart chart, a Cumulative Sum (CUSUM) control chart and exponentially weighted moving average (EWMA) chart, in detecting SYN flood attacks. The comparison study is conducted using the publicly available benchmark datasets: the 1999 DARPA Intrusion Detection Evaluation Datasets.
CitationBouyeddou B, Harrou F, Sun Y, Kadri B (2017) Detecting SYN flood attacks via statistical monitoring charts: A comparative study. 2017 5th International Conference on Electrical Engineering - Boumerdes (ICEE-B). Available: http://dx.doi.org/10.1109/ICEE-B.2017.8192118.
SponsorsThe research reported in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST) Office of Sponsored Research (OSR) under Award No: OSR-2015-CRG4-2582. The authors (Benamar Bouyeddou and Benamar Kadri) would like to thank the STIC Lab, Department of Telecommunications, Abou Bekr Belkaid University for the continued support during the research.