Detecting denial of service attacks using emergent self-organizing maps

25 January 2006

conference paper
conference paper
Published by Institute of Electrical and Electronics Engineers (IEEE)

https://doi.org/10.1109/isspit.2005.1577126

Abstract

Denial of Service attacks constitute one of the greatest problem in network security. Monitoring traffic is one of the main techniques used in order to find out the existence of possible outliers in the traffic patterns. In this paper, we propose an approach that detects Denial of Service attacks using Emergent Self-Organizing Maps. The approach is based on classifying "normal" traffic against "abnormal" traffic in the sense of Denial of Service attacks. The approach permits the automatic classification of events that are contained in logs and visualization of network traffic. Extensive simulations show the effectiveness of this approach compared to previously proposed approaches regarding false alarms and detection probabilities.

Keywords

This publication has 4 references indexed in Scilit:

DDoS attacks and defense mechanisms: classification and state-of-the-art
Computer Networks, 2004
On the capability of an SOM based intrusion detection system
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2004
Host-based intrusion detection using self-organizing maps
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
Data Mining and Knowledge Discovery with Emergent Self-Organizing Feature Maps for Multivariate Time Series
Published by Elsevier BV ,1999

Cited by 22 articles