DDOS-attacks detection using an efficient measurement-based statistical mechanism

Benamar Bouyeddou, Benamar Kadri, Fouzi Harrou, Ying Sun

Research output: Contribution to journalArticlepeer-review

33 Scopus citations

Abstract

A monitoring mechanism is vital for detecting malicious attacks against cyber systems. Detecting denial of service (DOS) and distributed DOS (DDOS) is one of the most important security challenges facing network technologies. This paper introduces a reliable detection mechanism based on the continuous ranked probability score (CRPS) statistical metric and exponentially smoothing (ES) scheme for enabling efficient detection of DOS and DDOS attacks. In this regard, the CRPS is used to quantify the dissimilarity between a new observation and the distribution of normal traffic. The ES scheme, which is sensitive in detecting small changes, is applied to CRPS measurements for anomaly detection. Moreover, in CRPS-ES approach, a nonparametric decision threshold computed via kernel density estimation is used to suitably detect anomalies. Tests on three publically available datasets proclaim the efficiency of the proposed mechanism in detecting cyber-attacks.

Bibliographical note

KAUST Repository Item: Exported on 2020-10-01
Acknowledgements: The research reported in this publication was supported by funding from King Abdullah University of Science and Technology (KAUST), Office of Sponsored Research (OSR) under Award No: OSR-2019- CRG7-3800.

Fingerprint

Dive into the research topics of 'DDOS-attacks detection using an efficient measurement-based statistical mechanism'. Together they form a unique fingerprint.

Cite this