
Feature Selection for Robust Detection of Distributed Denial-of-Service Attacks Using Genetic Algorithms

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 3025)

Abstract

In this paper we present a robust neural network detector for Distributed Denial-of-Service (DDoS) attacks in computers providing Internet services. A genetic algorithm is used to select a small number of efficient features from an extended set of 44 statistical features, which are estimated only from the packet headers. The genetic evaluation produces an error-free neural network DDoS detector using only 14 features. Moreover, the experimental results showed that the features that best qualify for DDoS detection are the SYN and URG flags, the probability of distinct Source Ports in each timeframe, the number of packets that use certain port ranges, the TTL and the window size in each timeframe.
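
An added illustration of the approach the abstract describes, not the authors' code or data: a genetic algorithm searches bit masks over per-timeframe header features, scoring each mask by validation accuracy minus an assumed per-feature penalty. The feature names, the constructed pre-scaled data, the GA parameters and the nearest-centroid classifier (swapped in for the paper's neural network) are all assumptions.

```python
import random

# Hypothetical names: the first five echo statistics named in the abstract,
# the last three are constructed noise columns that carry no signal.
FEATURES = ["syn_frac", "urg_frac", "distinct_sport_prob", "mean_ttl",
            "mean_window", "noise_a", "noise_b", "noise_c"]
PENALTY = 0.02  # assumed cost per selected feature, favours small subsets

def make_frames(rng, n=80):
    """Constructed, pre-scaled timeframes; label 1 = attack, 0 = normal."""
    frames = []
    for i in range(n):
        shift = 1.0 if i % 2 else -1.0
        x = [rng.gauss(shift, 0.4) for _ in range(5)] + [rng.gauss(0, 1) for _ in range(3)]
        frames.append((x, i % 2))
    return frames

def accuracy(mask, train, val):
    """Nearest-centroid accuracy using only the features switched on in mask."""
    idx = [i for i, bit in enumerate(mask) if bit]
    if not idx:
        return 0.0  # an empty feature set cannot classify anything
    cent = {}
    for y in (0, 1):
        rows = [x for x, label in train if label == y]
        cent[y] = [sum(r[i] for r in rows) / len(rows) for i in idx]
    hits = 0
    for x, label in val:
        dist = {y: sum((x[i] - c) ** 2 for i, c in zip(idx, cent[y])) for y in (0, 1)}
        hits += min(dist, key=dist.get) == label
    return hits / len(val)

def fitness(mask, train, val):
    return accuracy(mask, train, val) - PENALTY * sum(mask)

def select_features(train, val, rng, pop_size=20, generations=30, p_mut=0.1):
    """GA over bit masks; the all-features mask is seeded as a baseline."""
    n = len(FEATURES)
    pop = [[1] * n] + [[rng.randint(0, 1) for _ in range(n)] for _ in range(pop_size - 1)]
    score = lambda m: fitness(m, train, val)
    for _ in range(generations):
        pop.sort(key=score, reverse=True)
        nxt = pop[:2]                                   # elitism: best two survive
        while len(nxt) < pop_size:
            a, b = rng.sample(pop[:pop_size // 2], 2)   # parents from the fitter half
            cut = rng.randrange(1, n)                   # one-point crossover
            nxt.append([bit ^ (rng.random() < p_mut) for bit in a[:cut] + b[cut:]])
        pop = nxt
    return max(pop, key=score)

if __name__ == "__main__":
    rng = random.Random(7)
    frames = make_frames(rng)
    best = select_features(frames[:40], frames[40:], rng)
    print([name for name, bit in zip(FEATURES, best) if bit])
```

Because the mask is scored on the same validation split that drives selection, a final accuracy figure should come from a third, untouched split.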




Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Dimitris, G., Ioannis, T., Evangelos, D. (2004). Feature Selection for Robust Detection of Distributed Denial-of-Service Attacks Using Genetic Algorithms. In: Vouros, G.A., Panayiotopoulos, T. (eds) Methods and Applications of Artificial Intelligence. SETN 2004. Lecture Notes in Computer Science, vol 3025. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24674-9_29


  • DOI: https://doi.org/10.1007/978-3-540-24674-9_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-21937-8

  • Online ISBN: 978-3-540-24674-9

  • eBook Packages: Springer Book Archive
