A New Multivariate Correlation Study for Detection of Denial-of-Service Attack

We present a attack detection system that utilizes Multivariate Correlation Analysis (MCA) for precise system traffic portrayal by removing the geometrical relationships between's system traffic highlights. Our MCA-based DoSattack identification framework utilizes the rule of abnormality based detection in attack acknowledgment. This makes our answer equipped for distinguishing known and obscure DoSattacks adequately by learning the examples of real system traffic as it were. Besides, a triangle-zone based system is proposed to upgrade and to accelerate the procedure of MCA. The adequacy of our proposed location framework is assessed utilizing KDD Cup 99 dataset, and the impacts of both non-standardized information and standardized information on the execution of the proposed identification framework are analyzed

Flooding Distributed Denial of Service Attacks-A Review

Flaws either in users’ implementation of a network or in the standard specification of protocols has resulted in gaps that allow various kinds of network attack to be launched. Of the kinds of network attacks, denial-of-service flood attacks have caused the most severe impact. Approach: This study reviews recent researches on flood attacks and their mitigation, classifying such attacks as either high-rate flood or low-rate flood. Finally, the attacks are compared against criteria related to their characteristics, methods and impacts. Results: Denial-of-service flood attacks vary in their rates, traffic, targets, goals and impacts. However, they have general similarities that are the methods used are flooding and the main purpose is to achieve denial of service to the target. Conclusion/Recommendations: Mitigation of the denial-of-service flood attacks must correspond to the attack rates, traffic, targets, goals and impacts in order to achieve effective solution

Flooding Distributed Denial of Service Attacks-A Review

Problem statement: Flaws either in users’ implementation of a network or in the standard specification of protocols has resulted in gaps that allow various kinds of network attack to be launched. Of the kinds of network attacks, denial-of service flood attacks have caused the most severe impact. Approach: This study reviews recent researches on flood attacks and their mitigation, classifying such attacks as either high-rate flood or low-rate flood. Finally, the attacks are compared against criteria related to their characteristics, methods and impacts. Results: Denial-of service flood attacks vary in their rates, traffic, targets, goals and impacts. However, they have general similarities that are the methods used are flooding and the main purpose is to achieve denial of service to the target. Conclusion/Recommendations: Mitigation of the denial-of service flood attacks must correspond to the attack rates, traffic, targets, goals and impacts in order to achieve effective solution

Improved Mca Based Dos Attack Detection

A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet Interconnected systems, such as Web servers, database servers, cloud computing servers etc, are now under threads from network attackers. As one of most common and aggressive means, Denial-of-Service (DoS) attacks cause serious impact on these computing systems. In this paper, we present a DoS attack detection system that uses Multivariate Correlation Analysis (MCA) for accurate network traffic characterization by extracting the geometrical correlations between network traffic features. Our MCA-based DoS attack detection system employs the principle of anomaly-based detection in attack recognition. This makes our solution capable of detecting known and unknown DoS attacks effectively by learning the patterns of legitimate network traffic only. Furthermore, a triangle-area-based technique is proposed to enhance and to speed up the process of MCA. The effectiveness of our proposed detection system is evaluated using KDD Cup 99 dataset, and the influences of both non-normalized data and normalized data on the performance of the proposed detection system are examined. The results show that our system outperforms two other previously developed state-of-the-art approaches in terms of detection accuracy

A novel intelligent approach for detecting DoS flooding attacks in software-defined networks

Software-Defined Networking (SDN) is an emerging networking paradigm that provides an advanced programming capability and moves the control functionality to a centralized controller. This paper proposes a two-stage novel intelligent approach that takes advantage of the SDN approach to detect Denial of Service (DoS) flooding attacks based on calculation of packet rate as the first step and followed by Support Vector Machine (SVM) classification as the second step. Flow concept is an essential idea in OpenFlow protocol, which represents a common interface between an SDN switch and an SDN controller. Therefore, our system calculates the packet rate of each flow based on flow statistics obtained by SDN controller. Once the packet rate exceeds a predefined threshold, the system will activate the packet inspection unit, which, in turn, will use the (SVM) algorithm to classify the previously collected packets. The experimental results showed that our system was able to detect DoS flooding attacks with 96.25% accuracy and 0.26% false alarm rate