计算机工程2002,Vol.28Issue(z1):86-91,6.
Detection of Denial-of-service Attacks
Detection of Denial-of-service Attacks
摘要
Abstract
Denial-of-service (DOS) is a type of computer attack, which can essentially disable computers and networks.Resource consumption type of DOS attack could not be detected by the traditional misuse detection technique. This paper presents a new method of support vector mchine (SVM) to detect these attacks. We find that a DOS attack to a host is related to the activities within an impact data set of the host. The SVM method is used to classify the subsets of an impact data set to estimate its anomalism. The experiment result shows that this method can detect resource consumption type of DOS attacks, such as SYNflood, Smurf and UDP-storm. A receiver operating characteristic curve is plotted to determine performance for any possible operating point of the DOS attacks detection.关键词
Denial-of-service attack/Support vector machine/Intrusion detection/Receiver operating characteristicKey words
Denial-of-service attack/Support vector machine/Intrusion detection/Receiver operating characteristic分类
信息技术与安全科学引用本文复制引用
..Detection of Denial-of-service Attacks [J].计算机工程,2002,28(z1):86-91,6.基金项目
This research is supported by foundation of national plan"863"(No.00 1AA142080). (No.00 1AA142080)
