3rd International ICST Symposium on Information Assurance and Security

Research Article

Early DoS Attack Detection using Smoothened Time-Series and Wavelet Analysis

Pravin Shinde1,*, Srinivas Guntupalli1,*
  • 1: CDAC, Mumbai
*Contact email: pravin@cdacmumbai.in, srinivas@cdacmumbai.in

Abstract

Denial of Service (DoS) attacks are ubiquitous in computer networks. Flood-based attacks are a common class of DoS attacks. DoS detection mechanisms that aim at detecting floods mainly look for sudden changes in the traffic and mark them as anomalous. In this paper, we propose a method that treats the traffic in a network as a time series, smoothens it using an exponential moving average, and analyzes the smoothened wave using energy distribution based on wavelet analysis. The parameters we used to represent the traffic are the number of bytes received per unit time and the proportion between incoming and outgoing bytes. By analyzing the energy distribution in the wavelet form of a smoothened time series, growth in the traffic that results from a DoS attack can be detected very early. As the parameters we considered represent different properties of the network, the accuracy of the detection will be very high, with fewer false positives.
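The pipeline the abstract describes, as an added example that is not the authors' code: bytes per unit time are smoothed with an exponential moving average, and the energy of the coarsest Haar detail level in a sliding window is compared with a baseline learned from earlier traffic. The Haar wavelet, the window length, the smoothing factor, the alarm factor and the traffic samples are all assumptions made for this illustration, and the incoming/outgoing proportion parameter is left out.

```python
import math

def ema(series, alpha=0.2):
    """Exponential moving average; alpha is an assumed smoothing factor."""
    out = [float(series[0])]
    for x in series[1:]:
        out.append(alpha * x + (1 - alpha) * out[-1])
    return out

def haar_level_energy(window):
    """Energy of the Haar detail coefficients per level, finest level first.
    len(window) must be a power of two."""
    approx, energies = list(window), []
    while len(approx) > 1:
        pairs = list(zip(approx[0::2], approx[1::2]))
        detail = [(a - b) / math.sqrt(2) for a, b in pairs]
        approx = [(a + b) / math.sqrt(2) for a, b in pairs]
        energies.append(sum(d * d for d in detail))
    return energies

def detect(series, window=16, train=48, factor=5.0, alpha=0.2):
    """Index of the first sample whose trailing window holds more than `factor`
    times the largest coarsest-level energy seen during training, or None."""
    smooth = ema(series, alpha)
    coarse = lambda end: haar_level_energy(smooth[end - window + 1:end + 1])[-1]
    baseline = max(coarse(t) for t in range(window - 1, train))
    for t in range(train, len(series)):
        if coarse(t) > factor * baseline:
            return t
    return None

def constructed_traffic(n=128, attack_start=64, ramp=40):
    """Constructed bytes/s samples: about 1000 B/s with jitter, then a linear flood ramp."""
    jitter = [0, 100, -50, 50, -100]
    return [1000 + jitter[i % 5]
            + (ramp * (i - attack_start + 1) if i >= attack_start else 0)
            for i in range(n)]

def naive_alarm(series, limit=2000):
    """Static volume threshold (alarm when traffic doubles), for comparison."""
    return next((i for i, x in enumerate(series) if x > limit), None)

if __name__ == "__main__":
    traffic = constructed_traffic()
    print("wavelet energy alarm at t =", detect(traffic))
    print("static threshold alarm at t =", naive_alarm(traffic))
```

On the constructed ramp the energy-based alarm fires within a few samples of the flood starting, while the static threshold waits until the volume has doubled.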

Keywords
Computer crime; Computer networks; Computer security; Floods; Information security; Protocols; Telecommunication traffic; Time series analysis; Traffic control; Wavelet analysis
Published
2007-09-10
Publisher
IEEE
Modified
2011-08-02
http://dx.doi.org/10.1109/IAS.2007.16
Copyright © 2007–2025 IEEE