Title :
Detecting DoS and DDoS Attacks by Using an Intrusion Detection and Remote Prevention System
Author :
Leu, Fang-Yie ; Li, Zhi-Yang
Author_Institution :
Dept. of Comput. Sci., Tunghai Univ., Tunghai, Taiwan
Abstract :
In this article, we propose an intrusion prevention system, named the cumulative-sum-based intrusion prevention system (CSIPS), which detects malicious behaviors, attacks and distributed attacks launched against remote clients and local hosts based on the cumulative sum (CUSUM) algorithm. Experimental results show that CSIPSs in a united defense environment can achieve a higher security level for the environment.
Keywords :
computer networks; distributed algorithms; higher order statistics; pattern classification; security of data; telecommunication security; telecommunication traffic; CSIPS; CUSUM algorithm; DDoS attack detection; DoS attack detection; abnormal traffic network threshold; cumulative sum algorithm; cumulative-sum-based remote client intrusion prevention system; distributed attack detection; intrusion detection system; malicious behavior detection; network security; packet classification algorithm; united defense environment; Computer crime; Computer science; Computer security; Information security; Intrusion detection; Packet switching; Protection; Switches; Telecommunication traffic; Zinc; CUSUM; IDS; Intrusion Prevention system;
Conference_Title :
Information Assurance and Security, 2009. IAS '09. Fifth International Conference on
Conference_Location :
Xian
Print_ISBN :
978-0-7695-3744-3
DOI :
10.1109/IAS.2009.294