Networking and Communication Engineering

Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

On the Estimation of Attacks in Computer Networks with an AR Approach


Affiliations
1 Menoufia University, Menouf, Egypt
2 Department of Electronics and Communications, Menoufia University, Menouf-32952, Egypt
     

   Subscribe/Renew Journal


This Paper proposes a network based intrusion detection approach using anomaly detection in the presence of Denial of Service attacks (DoS). Flood based attacks are a common class of DoS attacks. DoS detection mechanisms that aim at detecting floods mainly look for sudden changes in the traffic and mark them anomalous. In this approach, network traffic is decomposed into control and data planes to study the relationship between them. As the data traffic generation is based on control traffic, the behavior of the two planes is expected to be similar during normal behavior. Therefore, detecting dissimilarity between the traffic of the two planes can indicate an abnormal behavior. Toward that objective, an Auto Regressive (AR) model has been used. Simulation results show that both the accuracy of the detection and less false positives.

Keywords

Auto Regressive (AR), Denial-of-Service (DoS), Network Intrusion Detection Systems (NIDS).
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 146

PDF Views: 2




  • On the Estimation of Attacks in Computer Networks with an AR Approach

Abstract Views: 146  |  PDF Views: 2

Authors

Rania A. Ghazy
Menoufia University, Menouf, Egypt
El-Sayed M. El-Rabaie
Department of Electronics and Communications, Menoufia University, Menouf-32952, Egypt
Moawad I. Dessouky
Department of Electronics and Communications, Menoufia University, Menouf-32952, Egypt
Nawal A. El-Feshawy
Department of Electronics and Communications, Menoufia University, Menouf-32952, Egypt
Fathi E. Abd El-Samie
Department of Electronics and Communications, Menoufia University, Menouf-32952, Egypt

Abstract


This Paper proposes a network based intrusion detection approach using anomaly detection in the presence of Denial of Service attacks (DoS). Flood based attacks are a common class of DoS attacks. DoS detection mechanisms that aim at detecting floods mainly look for sudden changes in the traffic and mark them anomalous. In this approach, network traffic is decomposed into control and data planes to study the relationship between them. As the data traffic generation is based on control traffic, the behavior of the two planes is expected to be similar during normal behavior. Therefore, detecting dissimilarity between the traffic of the two planes can indicate an abnormal behavior. Toward that objective, an Auto Regressive (AR) model has been used. Simulation results show that both the accuracy of the detection and less false positives.

Keywords


Auto Regressive (AR), Denial-of-Service (DoS), Network Intrusion Detection Systems (NIDS).