IEEE Transactions on Software Engineering - Special issue on computer security and privacy
The 1999 DARPA off-line intrusion detection evaluation
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Machine Learning
SAINT '03 Proceedings of the 2003 Symposium on Applications and the Internet
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
IEEE Transactions on Information Theory
Traffic flooding attack detection with SNMP MIB using SVM
Computer Communications
Intrusion Detection by Ellipsoid Boundary
Journal of Network and Systems Management
Probing attacks on multi-agent systems using electronic institutions
DALT'11 Proceedings of the 9th international conference on Declarative Agent Languages and Technologies
| Hi-index | 0.00 |
The (Distributed) Denial of Service (DoS/DDoS) attacks have become the main devastating threats to web services, and generally, the Probing attacks are the prior steps of DoS/DDoS attacks. To achieve the aim of the information assurance, an intrusion detection mechanism based on the Vector Quantization (VQ) technique is proposed for countering DoS/DDoS and Probing attacks in this paper. The normal network traffic usage profile can be modeled and represented by the codebook of VQ from which the abnormal behavior deviation of TCP traffic can be measured quantitatively well. In data processing, according to the characters of DoS/DDoS and Probing attacks, we implement the novel feature extraction of TCP flow state. We apply the detection mechanism to DARPA Intrusion Detection Evaluation Data Set. It is shown that the network attacks are detected with more efficiency and relatively low false alarms.