Detecting SYN flood attacks via statistical monitoring charts: A comparative study

Benamar Bouyeddou, Fouzi Harrou, Ying Sun, Benamar Kadri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

13 Scopus citations


Accurate detection of cyber-attacks plays a central role in safeguarding computer networks and information systems. This paper addresses the problem of detecting SYN flood attacks, which are the most popular Denial of Service (DoS) attacks. Here, we compare the detection capacity of three commonly monitoring charts namely, a Shewhart chart, a Cumulative Sum (CUSUM) control chart and exponentially weighted moving average (EWMA) chart, in detecting SYN flood attacks. The comparison study is conducted using the publicly available benchmark datasets: the 1999 DARPA Intrusion Detection Evaluation Datasets.
Original languageEnglish (US)
Title of host publication2017 5th International Conference on Electrical Engineering - Boumerdes (ICEE-B)
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages6
ISBN (Print)9781538606865
StatePublished - Dec 14 2017


Dive into the research topics of 'Detecting SYN flood attacks via statistical monitoring charts: A comparative study'. Together they form a unique fingerprint.

Cite this