Detecting cyber-attacks using a CRPS-based monitoring approach

Harrou, Fouzi; Bouyeddou, Benamar; Sun, Ying; Kadri, Benamar

Name:

SS-1225.pdf

Size:

673.1Kb

Format:

PDF

Description:

Accepted Manuscript

Download

Type

Conference Paper

Date

2019-02-28

Online Publication Date

2019-02-28

Print Publication Date

2018-11

Permanent link to this record

http://hdl.handle.net/10754/631694

Metadata

Show full item record

Abstract

Cyber-attacks can seriously affect the security of computers and network systems. Thus, developing an efficient anomaly detection mechanism is crucial for information protection and cyber security. To accurately detect TCP SYN flood attacks, two statistical schemes based on the continuous ranked probability score (CRPS) metric have been designed in this paper. Specifically, by integrating the CRPS measure with two conventional charts, Shewhart and the exponentially weighted moving average (EWMA) charts, novel anomaly detection strategies were developed: CRPS-Shewhart and CRPS-EWMA. The efficiency of the proposed methods has been verified using the 1999 DARPA intrusion detection evaluation datasets.

Citation

Harrou F, Bouyeddou B, Sun Y, Kadri B (2018) Detecting cyber-attacks using a CRPS-based monitoring approach. 2018 IEEE Symposium Series on Computational Intelligence (SSCI). Available: http://dx.doi.org/10.1109/SSCI.2018.8628797.