A Method to Detect DOS and DDOS Attacks based on Generalized Likelihood Ratio Test
KAUST DepartmentComputer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
KAUST Grant NumberOSR-2015-CRG4-2582
Online Publication Date2019-03-18
Print Publication Date2018-11
Permanent link to this recordhttp://hdl.handle.net/10754/631849
MetadataShow full item record
AbstractDenial of service (DOS) and distributed DOS (DDOS) continue to be a significant concern in internet and networking systems. This paper targets to develop an anomaly detection mechanism based on the generalized likelihood ratio (GLR) scheme to detect TCP and ICMPv6 based DOS/DDOS attacks. The anomaly detection problem is addressed as a hypothesis testing problem. The proposed approach uses GLR test to monitor internet traffic for better detecting potential cyber- attacks. The decision threshold of GLR approach has been computed non parametrically based on kernel density estimation. To evaluate the performance of this approach, two network traffic datasets have been used namely the DARPA99 and ICMPv6 datasets. Results highlight the efficiency of the proposed method.
CitationHarrou F, Bouyeddou B, Sun Y, Kadri B (2018) A Method to Detect DOS and DDOS Attacks based on Generalized Likelihood Ratio Test. 2018 International Conference on Applied Smart Systems (ICASS). Available: http://dx.doi.org/10.1109/ICASS.2018.8652030.
SponsorsThe research reported in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST) Office of Sponsored Research (OSR) under Award No: OSR-2015-CRG4-2582. The authors (Benamar Bouyeddou and Benamar Kadri) would like to thank the STIC Lab, Department of Telecommunications, Abou Bekr Belkaid University for the continued support during the research.
Conference/Event name2018 International Conference on Applied Smart Systems, ICASS 2018