TY - GEN
T1 - Detecting cyber-attacks using a CRPS-based monitoring approach
AU - Harrou, Fouzi
AU - Bouyeddou, Benamar
AU - Sun, Ying
AU - Kadri, Benamar
N1 - KAUST Repository Item: Exported on 2020-10-01
Acknowledged KAUST grant number(s): OSR-2015-CRG4-2582
Acknowledgements: The research reported in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST) Office of Sponsored Research (OSR) under Award No: OSR-2015-CRG4-2582. The authors (Benamar Bouyeddou and Benamar Kadri) would like to thank the STIC Lab, Department of Telecommunications, Abou Bekr Belkaid University for the continued support during the research.
PY - 2019/2/28
Y1 - 2019/2/28
N2 - Cyber-attacks can seriously affect the security of computers and network systems. Thus, developing an efficient anomaly detection mechanism is crucial for information protection and cyber security. To accurately detect TCP SYN flood attacks, two statistical schemes based on the continuous ranked probability score (CRPS) metric have been designed in this paper. Specifically, by integrating the CRPS measure with two conventional charts, Shewhart and the exponentially weighted moving average (EWMA) charts, novel anomaly detection strategies were developed: CRPS-Shewhart and CRPS-EWMA. The efficiency of the proposed methods has been verified using the 1999 DARPA intrusion detection evaluation datasets.
AB - Cyber-attacks can seriously affect the security of computers and network systems. Thus, developing an efficient anomaly detection mechanism is crucial for information protection and cyber security. To accurately detect TCP SYN flood attacks, two statistical schemes based on the continuous ranked probability score (CRPS) metric have been designed in this paper. Specifically, by integrating the CRPS measure with two conventional charts, Shewhart and the exponentially weighted moving average (EWMA) charts, novel anomaly detection strategies were developed: CRPS-Shewhart and CRPS-EWMA. The efficiency of the proposed methods has been verified using the 1999 DARPA intrusion detection evaluation datasets.
UR - http://hdl.handle.net/10754/631694
UR - https://ieeexplore.ieee.org/document/8628797
UR - http://www.scopus.com/inward/record.url?scp=85062791705&partnerID=8YFLogxK
U2 - 10.1109/SSCI.2018.8628797
DO - 10.1109/SSCI.2018.8628797
M3 - Conference contribution
SN - 9781538692769
SP - 618
EP - 622
BT - 2018 IEEE Symposium Series on Computational Intelligence (SSCI)
PB - Institute of Electrical and Electronics Engineers (IEEE)
ER -