A framework for countering denial of service attacks

Author

Mukkamala, Srinivas ; Sung, Andrew A.

Author_Institution

Dept. of Comput. Sci., New Mexico Tech., Socorro, NM, USA

Volume

4

fYear

2004

fDate

10-13 Oct. 2004

Firstpage

3273

Abstract

Recent trend of the adversaries "if I can\´t have it, nobody can" has changed the emphasis of information assurance with respect to information availability. This paper presents a knowledge discovery framework to detect DoS attacks at the boundary controllers (routers). The idea is to use machine learning approach to discover network features that can depict the state of the network connection. Using important network data (DoS relevant features), we have developed kernel machine based and soft computing detection mechanisms that achieve high detection accuracies. We also present our work of identifying DoS pertinent features and evaluating the applicability of these features in detecting novel DoS attacks. Architecture for detecting DoS attacks at the router is presented. We demonstrate that highly efficient and accurate signature based classifiers can be constructed by using important network features and machine learning techniques to detect DoS attacks at the boundary controllers.

Keywords

data mining; learning (artificial intelligence); security of data; telecommunication network routing; uncertainty handling; denial of service attacks; information availability; knowledge discovery; machine learning; routers; soft computing detection mechanism; Availability; Computer architecture; Computer crime; Computer networks; Computer science; Computer vision; Information systems; Internet; Intrusion detection; Machine learning;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems, Man and Cybernetics, 2004 IEEE International Conference on

ISSN

1062-922X

Print_ISBN

0-7803-8566-7

Type

conf

DOI

10.1109/ICSMC.2004.1400845

Filename

1400845