Detecting denial of service attacks using emergent self-organizing maps

Author

Mitrokotsa, Aikaterini ; Douligeris, Christos

Author_Institution

Dept. of Inf., Piraeus Univ.

fYear

2005

fDate

21-21 Dec. 2005

Firstpage

375

Lastpage

380

Abstract

Denial of service attacks constitute one of the greatest problem in network security. Monitoring traffic is one of the main techniques used in order to find out the existence of possible outliers in the traffic patterns. In this paper, we propose an approach that detects denial of service attacks using emergent self-organizing maps. The approach is based on classifying "normal" traffic against "abnormal" traffic in the sense of denial of service attacks. The approach permits the automatic classification of events that are contained in logs and visualization of network traffic. Extensive simulations show the effectiveness of this approach compared to previously proposed approaches regarding false alarms and detection probabilities

Keywords

computer networks; monitoring; security of data; self-organising feature maps; telecommunication security; telecommunication traffic; denial of service attacks; emergent self-organizing maps; network security; traffic monitoring; Computer crime; Computer networks; Informatics; Intrusion detection; Monitoring; Neural networks; Self organizing feature maps; Telecommunication traffic; Traffic control; Visualization;

fLanguage

English

Publisher

ieee

Conference_Titel

Signal Processing and Information Technology, 2005. Proceedings of the Fifth IEEE International Symposium on

Conference_Location

Athens

Print_ISBN

0-7803-9313-9

Type

conf

DOI

10.1109/ISSPIT.2005.1577126

Filename

1577126