Title :
Heterogeneous Fusion of IDS Alerts for Detecting DOS Attacks
Author :
Shah, Vrushank ; Aggarwal, A.K.
Author_Institution :
Indus Univ., Ahmedabad, India
Abstract :
A Denial of Service (DOS) attack is a situation in which an attacker tries to prevent the user of a particular service from using that service. An intrusion detection system (IDS) is more efficient than a firewall at detecting DOS attacks generated by internal traffic. However, a single IDS usually fails to detect novel attacks and produces a larger number of false alerts. This paper proposes a method for heterogeneous alert fusion for detection of DOS attacks. The proposed method shows an increase in the detection rate of about 20% compared to signature-based IDS and 10% compared to anomaly-based IDS. On the other hand, the false alarm rate is reduced by 40%. Alert fusion results for two redundant IDS as well as two complementary IDS have been demonstrated.
Keywords :
Internet; computer network security; telecommunication traffic; DOS attack detection; IDS heterogeneous alert fusion; Internet; attack detection; denial of service attacks; false alarm rate; internal traffic; intrusion detection system; signature based IDS; single IDS system; Computer crime; Databases; Detectors; Firewalls (computing); Intrusion detection; Reliability; Alert Fusion; DARPA dataset; DOS attacks; Dempster-Shafer Theory; Detection Rate; Intrusion Detection System;
Conference_Title :
Computing Communication Control and Automation (ICCUBEA), 2015 International Conference on
Conference_Location :
Pune
DOI :
10.1109/ICCUBEA.2015.35