DDOS-attacks detection using an efficient measurement-based statistical mechanism
KAUST DepartmentComputer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
Environmental Statistics Group
Online Publication Date2020-06-09
Print Publication Date2020-08
Permanent link to this recordhttp://hdl.handle.net/10754/663578
MetadataShow full item record
AbstractA monitoring mechanism is vital for detecting malicious attacks against cyber systems. Detecting denial of service (DOS) and distributed DOS (DDOS) is one of the most important security challenges facing network technologies. This paper introduces a reliable detection mechanism based on the continuous ranked probability score (CRPS) statistical metric and exponentially smoothing (ES) scheme for enabling efficient detection of DOS and DDOS attacks. In this regard, the CRPS is used to quantify the dissimilarity between a new observation and the distribution of normal traffic. The ES scheme, which is sensitive in detecting small changes, is applied to CRPS measurements for anomaly detection. Moreover, in CRPS-ES approach, a nonparametric decision threshold computed via kernel density estimation is used to suitably detect anomalies. Tests on three publically available datasets proclaim the efficiency of the proposed mechanism in detecting cyber-attacks.
CitationBouyeddou, B., Kadri, B., Harrou, F., & Sun, Y. (2020). DDOS-attacks detection using an efficient measurement-based statistical mechanism. Engineering Science and Technology, an International Journal. doi:10.1016/j.jestch.2020.05.002
SponsorsThe research reported in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST), Office of Sponsored Research (OSR) under Award No: OSR-2019- CRG7-3800.
Except where otherwise noted, this item's license is described as This is an open access article under the CC BY-NC-ND license.