Detecting denial of service attacks using support vector machines

Author

Mukkamala, Srinivas ; Sung, Andrew H.

Author_Institution

Dept. of Comput. Sci., New Mexico Tech., Socorro, NM, USA

Volume

2

fYear

2003

Firstpage

1231

Abstract

The complexity, openness, and increasing accessibility of the Internet have all greatly increased the risk of information system security availability. A serious type of network attacks is Denial of Service (DoS), which is performed against an information system to prevent legitimate users from accessing the compromised system for service. This paper concerns detecting DoS attacks using Support Vector Machines (SVMs). The key idea is to train SVMs using already discovered patterns (signatures) that represent DoS attacks. Using a benchmark data from a KDD competition designed by DARPA (U.S. Defense Advanced Research Projects Agency), we demonstrate that highly efficient and accurate classifiers can be constructed by using SVMs to detect DoS attacks. Further, we also perform feature ranking of the DARPA intrusion data to identify the key features that are important to DoS detection.

Keywords

Internet; security of data; support vector machines; DARPA defense advanced research projects agency; Internet accessibility; Internet complexity; Internet openness; SVM support vector machines; denial of service attacks detection; information system security; intrusion data; legitimate users; Computer crime; Computer science; Detectors; Humans; Information security; Information systems; Internet; Intrusion detection; Support vector machine classification; Support vector machines;

fLanguage

English

Publisher

ieee

Conference_Titel

Fuzzy Systems, 2003. FUZZ '03. The 12th IEEE International Conference on

Print_ISBN

0-7803-7810-5

Type

conf

DOI

10.1109/FUZZ.2003.1206607

Filename

1206607