Towards multisensor data fusion for DoS detection

dc.contributor.author Siaterlis, C en
dc.contributor.author Maglaris, B en
dc.date.accessioned 2014-03-01T02:43:00Z
dc.date.available 2014-03-01T02:43:00Z
dc.date.issued 2004 en
dc.identifier.uri http://hdl.handle.net/123456789/31180
dc.subject Anomaly detection en
dc.subject Data fusion en
dc.subject Denial of Service en
dc.subject.other Anomaly detection en
dc.subject.other Data fusion en
dc.subject.other Denial of service en
dc.subject.other Multisensors en
dc.subject.other Computer networks en
dc.subject.other Electricity en
dc.subject.other Heuristic methods en
dc.subject.other Inference engines en
dc.subject.other Problem solving en
dc.subject.other Random processes en
dc.subject.other Sensors en
dc.subject.other Servers en
dc.subject.other Data reduction en
dc.title Towards multisensor data fusion for DoS detection en
heal.type conferenceItem en
heal.identifier.primary 10.1145/967900.967992 en
heal.identifier.secondary http://dx.doi.org/10.1145/967900.967992 en
heal.publicationDate 2004 en
heal.abstract In our present work we introduce the use of data fusion in the field of DoS anomaly detection. We present Dempster-Shafer's Theory of Evidence (D-S) as the mathematical foundation for the development of a novel DoS detection engine. Based on a data fusion paradigm, we combine multiple evidence generated from simple heuristics to feed our D-S inference engine and attempt to detect flooding attacks. Our approach has as its main advantages the modeling power of Theory of Evidence in expressing beliefs in some hypotheses, the ability to add the notions of uncertainty and ignorance in the system and the quantitative measurement of the belief and plausibility in our detection results. We evaluate our detection engine prototype through a set of experiments that were conducted with real network traffic and with the use of common DDoS tools. We conclude that data fusion is a promising approach that could increase the DoS detection rate and decrease the false alarm rate. en
heal.journalName Proceedings of the ACM Symposium on Applied Computing en
dc.identifier.doi 10.1145/967900.967992 en
dc.identifier.volume 1 en
dc.identifier.spage 439 en
dc.identifier.epage 446 en
