An Effective Network Intrusion Detection Using Hellinger Distance-Based Monitoring Mechanism
Type
Conference PaperKAUST Department
Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) DivisionStatistics Program
KAUST Grant Number
OSR-2015-CRG4-2582Date
2019-03-18Online Publication Date
2019-03-18Print Publication Date
2018-11Permanent link to this record
http://hdl.handle.net/10754/631834
Metadata
Show full item recordAbstract
This paper proposes an intrusion detection scheme for Denial Of Service (DOS) and Distributed DOS (DDOS) attacks detection. We used Hellinger distance (HD), which is an effective measure to quantify the similarity between two distributions, to detect the presence of potential malicious attackers. Specifically, we applied HD-based anomaly detection mechanism to detect SYN and ICMPv6-based DOS/DDOS attacks. Here, Shewhart chart is applied to HD to set up a detection threshold. The proposed mechanism is evaluated using DARPA99 and ICMPv6 traffic datasets. Results indicate that our mechanism accomplished reliable detection of DOS/DDOS flooding attacks.Citation
Bouyeddou B, Harrou F, Sun Y, Kadri B (2018) An Effective Network Intrusion Detection Using Hellinger Distance-Based Monitoring Mechanism. 2018 International Conference on Applied Smart Systems (ICASS). Available: http://dx.doi.org/10.1109/ICASS.2018.8652008.Sponsors
The research reported in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST) Office of Sponsored Research (OSR) under Award No: OSR-2015-CRG4-2582. The authors (Benamar Bouyeddou and Benamar Kadri) would like to thank the STIC Lab, Department of Telecommunications, Abou Bekr Belkaid University for the continued support during the research.Conference/Event name
2018 International Conference on Applied Smart Systems, ICASS 2018Additional Links
https://ieeexplore.ieee.org/document/8652008ae974a485f413a2113503eed53cd6c53
10.1109/ICASS.2018.8652008