TY - GEN
T1 - An Effective Network Intrusion Detection Using Hellinger Distance-Based Monitoring Mechanism
AU - Bouyeddou, Benamar
AU - Harrou, Fouzi
AU - Sun, Ying
AU - Kadri, Benamar
N1 - KAUST Repository Item: Exported on 2020-10-01
Acknowledged KAUST grant number(s): OSR-2015-CRG4-2582
Acknowledgements: The research reported in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST) Office of Sponsored Research (OSR) under Award No: OSR-2015-CRG4-2582. The authors (Benamar Bouyeddou and Benamar Kadri) would like to thank the STIC Lab, Department of Telecommunications, Abou Bekr Belkaid University for the continued support during the research.
PY - 2019/3/18
Y1 - 2019/3/18
N2 - This paper proposes an intrusion detection scheme for Denial Of Service (DOS) and Distributed DOS (DDOS) attacks detection. We used Hellinger distance (HD), which is an effective measure to quantify the similarity between two distributions, to detect the presence of potential malicious attackers. Specifically, we applied HD-based anomaly detection mechanism to detect SYN and ICMPv6-based DOS/DDOS attacks. Here, Shewhart chart is applied to HD to set up a detection threshold. The proposed mechanism is evaluated using DARPA99 and ICMPv6 traffic datasets. Results indicate that our mechanism accomplished reliable detection of DOS/DDOS flooding attacks.
AB - This paper proposes an intrusion detection scheme for Denial Of Service (DOS) and Distributed DOS (DDOS) attacks detection. We used Hellinger distance (HD), which is an effective measure to quantify the similarity between two distributions, to detect the presence of potential malicious attackers. Specifically, we applied HD-based anomaly detection mechanism to detect SYN and ICMPv6-based DOS/DDOS attacks. Here, Shewhart chart is applied to HD to set up a detection threshold. The proposed mechanism is evaluated using DARPA99 and ICMPv6 traffic datasets. Results indicate that our mechanism accomplished reliable detection of DOS/DDOS flooding attacks.
UR - http://hdl.handle.net/10754/631834
UR - https://ieeexplore.ieee.org/document/8652008
UR - http://www.scopus.com/inward/record.url?scp=85063424814&partnerID=8YFLogxK
U2 - 10.1109/ICASS.2018.8652008
DO - 10.1109/ICASS.2018.8652008
M3 - Conference contribution
SN - 9781538668665
BT - 2018 International Conference on Applied Smart Systems (ICASS)
PB - Institute of Electrical and Electronics Engineers (IEEE)
ER -