Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features

Authors:
Dimitris Gavrilis;Evangelos Dermatas
Affiliations:
Department of Electrical Engineering and Computer Technology, University of Patras, Kato Kastritsi, 26500 Patras, Greece;Department of Electrical Engineering and Computer Technology, University of Patras, Kato Kastritsi, 26500 Patras, Greece
Venue:
Computer Networks: The International Journal of Computer and Telecommunications Networking
Year:
2005

Citing 9
Cited 6

Intrusion detection with neural networks

NIPS '97 Proceedings of the 1997 conference on Advances in neural information processing systems 10
Improving intrusion detection performance using keyword selection and neural networks

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
A denial-of-service resistant intrusion detection architecture

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Security issues in control, management and routing protocols

Computer Networks: The International Journal of Computer and Telecommunications Networking - Pioneering tomorrow's Internet Selected papers from the TERENA Networking Conference 2000 22–25 May 2000, Lisbon, Portugal
Neural Networks: A Comprehensive Foundation

Neural Networks: A Comprehensive Foundation
Statistical Traffic Modeling for Network Intrusion Detection

MASCOTS '00 Proceedings of the 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems
A Neural Network Component for an Intrusion Detection System

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Analysis of a Denial of Service Attack on TCP

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
DDoS attacks and defense mechanisms: classification and state-of-the-art

Computer Networks: The International Journal of Computer and Telecommunications Networking

DDoS attack detection using K-Nearest Neighbor classifier method

Telehealth/AT '08 Proceedings of the IASTED International Conference on Telehealth/Assistive Technologies
Real-time anomaly detection systems for Denial-of-Service attacks by weighted k-nearest-neighbor classifiers

Expert Systems with Applications: An International Journal
Distributed denial of service attack detection using an ensemble of neural classifier

Computer Communications
Review: Analyzing well-known countermeasures against distributed denial of service attacks

Computer Communications
A hybrid defense mechanism for DDoS attacks using cluster analysis in MANET

Proceedings of the International Conference on Advances in Computing, Communications and Informatics
Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems

Computer Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we present and evaluate a Radial-basis-function neural network detector for Distributed-Denial-of-Service (DDoS) attacks in public networks based on statistical features estimated in short-time window analysis of the incoming data packets. A small number of statistical descriptors were used to describe the DDoS attacks behaviour, and an accurate classification is achieved using the Radial-basis-function neural networks (RBF-NN). The proposed method is evaluated in a simulated public network and showed detection rate better than 98% of DDoS attacks using only three statistical features estimated from one window of data packets of 6s length. The same type of experiments were carried out on a real network giving significantly better results: a 100% DDoS detection rate is achieved followed by a 0% of false alarm rate using different statistical descriptors and training conditions for the RBF-NN.