Distributed Denial of Service Attack Detection: A Hybrid Intelligent System Approach
No Thumbnail Available
Date
2008-04
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
The occurrence of distributed denial of service (DDoS) attacks has become more frequent
in today’s network environment. Detecting these attacks would prevent the unnecessary
utilization of resources which otherwise could have been used to service legitimate users.
This requires the implementation of an effective DDoS detection system. Many
researches have proposed a number of DDoS detection systems and one of the recent
ideas is to use the hybrid intelligent systems for the effective detection of DDoS attacks.
In this work, adaptive neuro-fuzzy inference system (ANFIS) has been used as the hybrid
intelligent system for the detection of DDoS attacks. An experimental environment has
been setup to collect the normal and attack traffic data for training and testing purposes.
A detection system has been proposed having ANFIS as its detection core. The proposed
system has been tested in the detection of TCP SYN flooding attack. It is found that
ANFIS is able to classify the TCP SYN DDoS data with very good precision.
Description
Keywords
System, Approach