Low-rate denial of service attacks are considered a serious threat for network systems. In this paper, we investigate such topic, by proposing a novel anomaly-based intrusion detection system. We validate the proposed system and report the weaknesses we have found. By working from the attacker's perspective, we also try to elude the proposed algorithm. Results show that in order to avoid detection, the attacker would require high-bandwidth to perpetrate the attack. The proposed method should therefore be considered an efficient method to detect running Slow DoS Attacks.
Detection and classification of slow DoS attacks targeting network servers
Enrico Cambiaso;Maurizio Aiello;Maurizio Mongelli;Ivan Vaccari
2020
Abstract
Low-rate denial of service attacks are considered a serious threat for network systems. In this paper, we investigate such topic, by proposing a novel anomaly-based intrusion detection system. We validate the proposed system and report the weaknesses we have found. By working from the attacker's perspective, we also try to elude the proposed algorithm. Results show that in order to avoid detection, the attacker would require high-bandwidth to perpetrate the attack. The proposed method should therefore be considered an efficient method to detect running Slow DoS Attacks.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
