
dc.contributor.author: Bouyeddou, Benamar
dc.contributor.author: Harrou, Fouzi
dc.contributor.author: Kadri, Benamar
dc.contributor.author: Sun, Ying
dc.date.accessioned: 2020-11-16T11:07:25Z
dc.date.available: 2020-11-16T11:07:25Z
dc.date.issued: 2020-11-07
dc.identifier.citation: Bouyeddou, B., Harrou, F., Kadri, B., & Sun, Y. (2020). Detecting network cyber-attacks using an integrated statistical approach. Cluster Computing. doi:10.1007/s10586-020-03203-1
dc.identifier.issn: 1573-7543
dc.identifier.issn: 1386-7857
dc.identifier.doi: 10.1007/s10586-020-03203-1
dc.identifier.uri: http://hdl.handle.net/10754/665962
dc.description.abstract: Anomaly detection in the Internet of Things (IoT) is imperative to improve its reliability and safety. Detecting denial of service (DOS) and distributed DOS (DDOS) is one of the critical security challenges facing network technologies. This paper presents an anomaly detection mechanism using the Kullback–Leibler distance (KLD) to detect DOS and DDOS flooding attacks, including transmission control protocol (TCP) SYN flood, UDP flood, and ICMP-based attacks. This mechanism integrates the desirable properties of KLD, the capacity to quantitatively discriminate between two distributions, with the sensitivity of an exponential smoothing scheme. The primary reason for exponentially smoothing KLD measurements (ES–KLD) is to aggregate all of the information from past and actual samples in the decision rule, making the detector sensitive to small anomalies. Furthermore, a nonparametric approach using kernel density estimation has been used to set a threshold for ES-KLD decision statistic to uncover the presence of attacks. Tests on three publicly available datasets show improved performances of the proposed mechanism in detecting cyber-attacks compared to other conventional monitoring procedures.
dc.publisher: Springer Nature
dc.relation.url: http://link.springer.com/10.1007/s10586-020-03203-1
dc.rights: Archived with thanks to Cluster Computing
dc.title: Detecting network cyber-attacks using an integrated statistical approach
dc.type: Article
dc.contributor.department: Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
dc.contributor.department: Environmental Statistics Group
dc.contributor.department: Statistics Program
dc.identifier.journal: Cluster Computing
dc.rights.embargodate: 2021-11-07
dc.eprint.version: Post-print
dc.contributor.institution: STIC Lab., Department of Telecommunications, Abou Bekr Belkaid University, Tlemcen, Algeria
kaust.person: Harrou, Fouzi
kaust.person: Sun, Ying
dc.identifier.eid: 2-s2.0-85095449892
refterms.dateFOA: 2020-11-16T12:07:37Z


Files in this item

Name: ClusterComputing2020.pdf
Size: 1.678Mb
Format: PDF
Description: Accepted manuscript
Embargo End Date: 2021-11-07
