Paper Info
Title
A similarity based approach for application DoS attacks detection
Abstract
The ability to identify anomalous traffic patterns is a central issue for network managers: primarily lots of problems could arise from network attacks, such as viruses and tunneling tools. In this paper we present a detection algorithm able to extract information analyzing features of the network traffic containing attacks. The algorithm exploits statistical methodologies for traffic categorization. To assess the practical usability of the proposed algorithms we have tested its application in a case of abuse of resources through an application DoS attack known as slowloris. We have obtained an excellent reliability both analyzing single samples of traffic (100% of anomalies detection, with 1% probability of false positives) and processing multiple samples, through an average measurement (100% of anomalies detection, with a distance between traffics of 5.29 σ, providing an extremely low false positive error rate).
Year
DOI
Venue
2013
10.1109/ISCC.2013.6754984
Computers and Communications
Keywords
Field
DocType
computer network security,statistical analysis,telecommunication traffic,anomalous traffic pattern identification,application DoS attacks detection,network attacks,network traffic,similarity based approach,slowloris,statistical methodologies,traffic categorization,tunneling tools,viruses,anomaly based detection,network traffic characterization,slow dos attack
Traffic generation model,Denial-of-service attack,Computer science,Robust random early detection,Word error rate,Usability,Network security,Computer network,Intrusion detection system,False positive paradox
Conference
ISSN
Citations 
PageRank 
1530-1346
7
0.56
References 
Authors
10
4
Name
Order
Citations
PageRank
Maurizio Aiello110913.92
Enrico Cambiaso28812.29
Silvia Scaglione3774.09
Gianluca Papaleo4989.93