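% Conference paper (ICCTA 2018): Kullback-Leibler divergence plus a three-sigma
% threshold for detecting ICMP-based DoS/DDoS flooding (the title's smurf floods).
% Review note: per the abstract, the scheme is evaluated on the 1999 DARPA
% Intrusion Detection Evaluation data only; check how it holds up on current
% traffic before citing it as evidence of operational detection performance.
% Entry cleanup: author names in "Last, First" form, Kullback-Leibler and ICCTA
% brace-protected against style recasing, and the series field dropped because
% it repeated the booktitle text verbatim (some styles would print it twice).
% The address field holds a country as exported, not the publisher's city.
@inproceedings{683986b356c1443291c3a9186e6c628c,
  author    = {Bouyeddou, Benamar and Harrou, Fouzi and Sun, Ying and Kadri, Benamar},
  title     = {Detection of smurf flooding attacks using {Kullback-Leibler}-based scheme},
  booktitle = {2018 4th International Conference on Computer and Technology Applications, {ICCTA} 2018},
  pages     = {11--15},
  publisher = {Institute of Electrical and Electronics Engineers Inc.},
  address   = {United States},
  year      = {2018},
  month     = jun,
  day       = {27},
  doi       = {10.1109/CATA.2018.8398647},
  language  = {English (US)},
  keywords  = {DARPA99 dataset, ICMP flood, KL distance, anomaly detection, cyber-attack},
  abstract  = {Reliable and timely detection of cyber attacks become indispensable to protect networks and systems. Internet control message protocol (ICMP) flood attacks are still one of the most challenging threats in both IPv4 and IPv6 networks. This paper proposed an approach based on Kullback-Leibler divergence (KLD) to detect ICMP-based Denial Of service (DOS) and Distributed Denial Of Service (DDOS) flooding attacks. This is motivated by the high capacity of KLD to quantitatively discriminate between two distributions. Here, the three-sigma rule is applied to the KLD distances for anomaly detection. We evaluated the effectiveness of this scheme by using the 1999 DARPA Intrusion Detection Evaluation Datasets.},
  note      = {Publisher Copyright: {\textcopyright} 2018 IEEE.; 4th International Conference on Computer and Technology Applications, ICCTA 2018 ; Conference date: 03-05-2018 Through 05-05-2018},
}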