Loughborough University
Browse
- No file added yet -

Denial of service detection using dynamic time warping

Download (1.97 MB)
journal contribution
posted on 2021-05-06, 13:35 authored by Diab M Diab, Basil AsSadhan, Hamad Binsalleeh, Sangarapillai LambotharanSangarapillai Lambotharan, Kostas KyriakopoulosKostas Kyriakopoulos, Ibrahim Ghafir
With the rapid growth of security threats in computer networks, the need for developing efficient security‐warning systems is substantially increasing. Distributed denial‐of‐service (DDoS) and DoS attacks are still among the most effective and dreadful attacks that require robust detection. In this work, we propose a new method to detect TCP DoS/DDoS attacks. Since analyzing network traffic is a promising approach, our proposed method utilizes network traffic by decomposing the TCP traffic into control and data planes and exploiting the dynamic time warping (DTW) algorithm for aligning these two planes with respect to the minimum Euclidean distance. By demonstrating that the distance between the control and data planes is considerably small for benign traffic, we exploit this characteristic for detecting attacks as outliers. An adaptive thresholding scheme is implemented by adjusting the value of the threshold in accordance with the local statistics of the median absolute deviation (MAD) of the distances between the two planes. We demonstrate the efficacy of the proposed method for detecting DoS/DDoS attacks by analyzing traffic data obtained from publicly available datasets.

Funding

The Deanship of Scientific Research, King Saud University

The Gulf Science, Innovation, and Knowledge Economy Programme of the U.K. Government

History

School

  • Mechanical, Electrical and Manufacturing Engineering

Published in

International Journal of Network Management

Volume

31

Issue

6

Publisher

Wiley

Version

  • AM (Accepted Manuscript)

Rights holder

© Wiley

Publisher statement

This is the peer reviewed version of the following article: DIAB, D.M. ... et al, 2021. Denial of service detection using dynamic time warping. International Journal of Network Management, 31(6): e2159, doi:10.1002/nem.2159, which has been published in final form at https://doi.org/10.1002/nem.2159. This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Use of Self-Archived Versions.

Acceptance date

2021-03-14

Publication date

2021-04-12

Copyright date

2021

ISSN

1055-7148

eISSN

1099-1190

Language

  • en

Depositor

Dr Kostas Kyriakopoulos. Deposit date: 23 June 2020

Article number

e2159

Usage metrics

    Loughborough Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC