Detecting DoS and DDoS Attacks by Using an Intrusion Detection and Remote Prevention System

Author

Leu, Fang-Yie ; Li, Zhi-Yang

Author_Institution

Dept. of Comput. Sci., Tunghai Univ., Tunghai, Taiwan

Volume

2

fYear

2009

fDate

18-20 Aug. 2009

Firstpage

251

Lastpage

254

Abstract

In this article, we proposed an intrusion prevention system, named cumulative-sum-based intrusion prevention system (CSIPS) which detects malicious behaviors, attacks and distributed attacks launched to remote clients and local hosts based on the cumulative sum (CUSUM) algorithm. Experimental results show that CSIPSs in a united defense environment can carry out a higher security level for the environment.

Keywords

computer networks; distributed algorithms; higher order statistics; pattern classification; security of data; telecommunication security; telecommunication traffic; CSIPS; CUSUM algorithm; DDoS attack detection; DoS attack detection; abnormal traffic network threshold; cumulative sum algorithm; cumulative-sum-based remote client intrusion prevention system; distributed attack detection; intrusion detection system; malicious behavior detection; network security; packet classification algorithm; united defense environment; Computer crime; Computer science; Computer security; Information security; Intrusion detection; Packet switching; Protection; Switches; Telecommunication traffic; Zinc; CUSUM; IDS; Intrusion Prevention system;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Assurance and Security, 2009. IAS '09. Fifth International Conference on

Conference_Location

Xian

Print_ISBN

978-0-7695-3744-3

Type

conf

DOI

10.1109/IAS.2009.294

Filename

5283336