Detecting denial of service attacks using emergent self-organizing maps
- 25 January 2006
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Denial of Service attacks constitute one of the greatest problem in network security. Monitoring traffic is one of the main techniques used in order to find out the existence of possible outliers in the traffic patterns. In this paper, we propose an approach that detects Denial of Service attacks using Emergent Self-Organizing Maps. The approach is based on classifying "normal" traffic against "abnormal" traffic in the sense of Denial of Service attacks. The approach permits the automatic classification of events that are contained in logs and visualization of network traffic. Extensive simulations show the effectiveness of this approach compared to previously proposed approaches regarding false alarms and detection probabilities.Keywords
This publication has 4 references indexed in Scilit:
- DDoS attacks and defense mechanisms: classification and state-of-the-artComputer Networks, 2004
- On the capability of an SOM based intrusion detection systemPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2004
- Host-based intrusion detection using self-organizing mapsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2003
- Data Mining and Knowledge Discovery with Emergent Self-Organizing Feature Maps for Multivariate Time SeriesPublished by Elsevier BV ,1999