
An Attack Classification Mechanism Based on Multiple Support Vector Machines

  • Conference paper
Computational Science and Its Applications – ICCSA 2007 (ICCSA 2007)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4706)


Abstract

DDoS attack methods are becoming more sophisticated and effective. Attackers combine various attack methods, and as a result attacks become more difficult to detect. To cope with these problems, there has been much research on defense mechanisms, including various DDoS detection mechanisms.

SVM is suitable for attack detection since it is a binary classification method. However, it is not appropriate for classifying attack categories such as SYN flooding, Smurf, UDP flooding, and so on. Because of this weakness, the administrator does not react to the attack in a timely manner. To solve this problem, we propose a machine learning model based on Multiple Support Vector Machines (MSVMs), and a new DDoS detection model based on MSVMs. The proposed model enhances attack detection accuracy, and it classifies attack categories well when it detects attacks.




Editor information

Osvaldo Gervasi, Marina L. Gavrilova


Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Seo, J. (2007). An Attack Classification Mechanism Based on Multiple Support Vector Machines. In: Gervasi, O., Gavrilova, M.L. (eds) Computational Science and Its Applications – ICCSA 2007. ICCSA 2007. Lecture Notes in Computer Science, vol 4706. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74477-1_9


  • DOI: https://doi.org/10.1007/978-3-540-74477-1_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74475-7

  • Online ISBN: 978-3-540-74477-1

  • eBook Packages: Computer Science (R0)
