An Effective Network Intrusion Detection Using Hellinger Distance-Based Monitoring Mechanism

Benamar Bouyeddou, Fouzi Harrou, Ying Sun, Benamar Kadri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

This paper proposes an intrusion detection scheme for Denial Of Service (DOS) and Distributed DOS (DDOS) attacks detection. We used Hellinger distance (HD), which is an effective measure to quantify the similarity between two distributions, to detect the presence of potential malicious attackers. Specifically, we applied HD-based anomaly detection mechanism to detect SYN and ICMPv6-based DOS/DDOS attacks. Here, Shewhart chart is applied to HD to set up a detection threshold. The proposed mechanism is evaluated using DARPA99 and ICMPv6 traffic datasets. Results indicate that our mechanism accomplished reliable detection of DOS/DDOS flooding attacks.
Original languageEnglish (US)
Title of host publication2018 International Conference on Applied Smart Systems (ICASS)
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
ISBN (Print)9781538668665
DOIs
StatePublished - Mar 18 2019

Fingerprint

Dive into the research topics of 'An Effective Network Intrusion Detection Using Hellinger Distance-Based Monitoring Mechanism'. Together they form a unique fingerprint.

Cite this