Denial-of-service attack-detection techniques

Glenn Carl; George Kesidis; Richard R. Brooks; Suresh Rai

doi:10.1109/MIC.2006.5

Denial-of-service attack-detection techniques

Glenn Carl, George Kesidis, Richard R. Brooks, Suresh Rai

Research output: Contribution to journal › Article › peer-review

314 Citations (SciVal)

Abstract

Denial-of-service (DoS) detection techniques - such as activity profiling, changepoint detection, and wavelet - based signal analysis - face the considerable challenge of discriminating network-based flooding attacks from sudden increases in legitimate activity or flash events. This survey of techniques and testing results provides insight into our ability to successfully identify DoS flooding attacks. Although each detector shows promise in limited testing, none completely solve the detection problem. Combining various approaches with experienced network operators will most likely produce the best results.

Original language	English (US)
Pages (from-to)	82-89
Number of pages	8
Journal	IEEE Internet Computing
Volume	10
Issue number	1
DOIs	https://doi.org/10.1109/MIC.2006.5
State	Published - Jan 2006

All Science Journal Classification (ASJC) codes

Computer Networks and Communications

Access to Document

10.1109/MIC.2006.5

Cite this

@article{c46b4f6106304c768ea4cca4e3f6fe69,

title = "Denial-of-service attack-detection techniques",

abstract = "Denial-of-service (DoS) detection techniques - such as activity profiling, changepoint detection, and wavelet - based signal analysis - face the considerable challenge of discriminating network-based flooding attacks from sudden increases in legitimate activity or flash events. This survey of techniques and testing results provides insight into our ability to successfully identify DoS flooding attacks. Although each detector shows promise in limited testing, none completely solve the detection problem. Combining various approaches with experienced network operators will most likely produce the best results.",

author = "Glenn Carl and George Kesidis and Brooks, {Richard R.} and Suresh Rai",

note = "Funding Information: Our work was supported by a US National Science Foundation grant (CCR0310916) and the Pennsylvania State University Applied Research Laboratory{\textquoteright}s Educational and Foundational program.",

year = "2006",

month = jan,

doi = "10.1109/MIC.2006.5",

language = "English (US)",

volume = "10",

pages = "82--89",

journal = "IEEE Internet Computing",

issn = "1089-7801",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "1",

}

TY - JOUR

T1 - Denial-of-service attack-detection techniques

AU - Carl, Glenn

AU - Kesidis, George

AU - Brooks, Richard R.

AU - Rai, Suresh

N1 - Funding Information: Our work was supported by a US National Science Foundation grant (CCR0310916) and the Pennsylvania State University Applied Research Laboratory’s Educational and Foundational program.

PY - 2006/1

Y1 - 2006/1

N2 - Denial-of-service (DoS) detection techniques - such as activity profiling, changepoint detection, and wavelet - based signal analysis - face the considerable challenge of discriminating network-based flooding attacks from sudden increases in legitimate activity or flash events. This survey of techniques and testing results provides insight into our ability to successfully identify DoS flooding attacks. Although each detector shows promise in limited testing, none completely solve the detection problem. Combining various approaches with experienced network operators will most likely produce the best results.

AB - Denial-of-service (DoS) detection techniques - such as activity profiling, changepoint detection, and wavelet - based signal analysis - face the considerable challenge of discriminating network-based flooding attacks from sudden increases in legitimate activity or flash events. This survey of techniques and testing results provides insight into our ability to successfully identify DoS flooding attacks. Although each detector shows promise in limited testing, none completely solve the detection problem. Combining various approaches with experienced network operators will most likely produce the best results.

UR - http://www.scopus.com/inward/record.url?scp=31544436627&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=31544436627&partnerID=8YFLogxK

U2 - 10.1109/MIC.2006.5

DO - 10.1109/MIC.2006.5

M3 - Article

AN - SCOPUS:31544436627

SN - 1089-7801

VL - 10

SP - 82

EP - 89

JO - IEEE Internet Computing

JF - IEEE Internet Computing

IS - 1

ER -

Denial-of-service attack-detection techniques

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this