A system approach to network modeling for DDoS detection using a Naïve Bayesian classifier
TL;DR: The approach to a carefully engineered, practically realised system to detect DoS attacks using a Naïve Bayesian (NB) classifier is described, which includes network modeling for two protocols - TCP and UDP.
Abstract: Denial of Service (DoS) attacks pose a big threat to any electronic society. DoS and DDoS attacks are catastrophic particularly when applied to highly sensitive targets like Critical Information Infrastructure. While research literature has focussed on using various fundamental classifier models for detecting attacks, the common trend observed in literature is to classify DoS attacks into the broad class of intrusions, which makes proposed solutions to this class of attacks unrealistic in practical terms. In this work, the approach to a carefully engineered, practically realised system to detect DoS attacks using a Naive Bayesian (NB) classifier is described. The work includes network modeling for two protocols - TCP and UDP.
Citations
163 citations
137 citations
Cites methods from "A system approach to network modeli..."
...[81] propose a lightweight DoS classifier framework to operate on both the TCP and User Datagram Protocol (UDP) protocols....
[...]
69 citations
Cites methods from "A system approach to network modeli..."
...[53] developed a DoS detection system with an NB classifier in a Virtex 4 FPGA....
[...]
59 citations
Cites background or methods from "A system approach to network modeli..."
...In the remainder of this section, we describe parameters that were used to build our model and other design considerations that shaped our model design....
[...]
...Traffic to particular ports are then source separated and trained by separate models for each port....
[...]
47 citations
Cites methods from "A system approach to network modeli..."
...[54] proposed a real-time detection method using a Naive Bayes classifier....
[...]
References
1,747 citations
"A system approach to network modeli..." refers background in this paper
...A taxonomy of DDoS attacks and defence mechanisms has been documented in [18]....
[...]
536 citations
"A system approach to network modeli..." refers methods in this paper
...The include statistical approaches, like [6], which proposes a Chi-Square-Test on the entropy values of the packet headers....
[...]
519 citations
"A system approach to network modeli..." refers background in this paper
...Some examples include hash pre-image based client puzzles as proposed in [4] and [5]....
[...]
408 citations
332 citations