An in-depth analysis on traffic flooding attacks detection and system using data mining techniques

Authors:
Jaehak Yu;Hyunjoong Kang;Daeheon Park;Hyo-Chan Bang;Do Wook Kang
Affiliations:
-;-;-;-;-
Venue:
Journal of Systems Architecture: the EUROMICRO Journal
Year:
2013

Citing 10
Cited 0

Proactive Intrusion Detection and Distributed Denial of Service Attacks—A Case Study in Security Management

Journal of Network and Systems Management
Efficient C4.5

IEEE Transactions on Knowledge and Data Engineering
Hybrid Genetic Algorithms for Feature Selection

IEEE Transactions on Pattern Analysis and Machine Intelligence
Data Mining: Concepts and Techniques

Data Mining: Concepts and Techniques
Inferring internet denial-of-service activity

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Securing vehicular ad hoc networks

Journal of Computer Security - Special Issue on Security of Ad-hoc and Sensor Networks
Traffic flooding attack detection with SNMP MIB using SVM

Computer Communications
Web of Things: Description, Discovery and Integration

ITHINGSCPSCOM '11 Proceedings of the 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing
On the anomaly intrusion-detection in mobile ad hoc network environments

PWC'06 Proceedings of the 11th IFIP TC6 international conference on Personal Wireless Communications
Traffic anomaly detection and characterization in the tunisian national university network

NETWORKING'06 Proceedings of the 5th international IFIP-TC6 conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communications Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recently, as network traffic flooding attack such as DoS and DDoS have posed devastating threats on network services, rapid detection, and semantic analysis are the major concern for secure and reliable network services. In addition, in a recent issue of the safety and comfort of vehicles and communication technologies for service is required. We propose a traffic flooding attack detection and an in-depth analysis system that uses data mining techniques. In this paper we (1) designed and implemented a system that detects traffic flooding attacks. Then, it executes classification by attack type and it uses SNMP MIB information based on C4.5 algorithm; (2) conducted a semantic interpretation that extracts and analyzes the rules of execution mechanism that are additionally provided by C4.5; (3) performed an in-depth analysis on the attack patterns and useful knowledge inherent in their data by type, utilizing association rule mining. Classification by attack and attack type based on C4.5 and association rules, automatic rule extraction and semantic in-depth interpretation, which are proposed in this paper, provide a positive possibility to add momentum towards the development of new methodologies for intrusion detection systems as well as to support establishing policies for intrusion detection and response systems.