Intrusion Detection Using Flow-Based Analysis of Network Traffic

  • Conference paper
Advances in Networks and Communications (CCSIT 2011)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 132)

Abstract

Security threats to computer systems, such as viruses, denial of service, and vulnerability break-ins, have increased immensely in the recent past. While many security mechanisms have been introduced to counter these threats, none of the reported techniques can completely prevent these attacks. This work presents an appreciable improvement in intrusion detection using flow-based analysis of network traffic to detect DoS and DDoS attacks. Aggregating packets that belong to the same flow reduces processing overhead in systems. The method is based on anomaly detection and uses adaptive threshold values in the detection unit. For illustrative purposes, the DARPA 1999 data set is used.

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

David, J., Thomas, C. (2011). Intrusion Detection Using Flow-Based Analysis of Network Traffic. In: Meghanathan, N., Kaushik, B.K., Nagamalai, D. (eds) Advances in Networks and Communications. CCSIT 2011. Communications in Computer and Information Science, vol 132. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17878-8_40

  • DOI: https://doi.org/10.1007/978-3-642-17878-8_40

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17877-1

  • Online ISBN: 978-3-642-17878-8

  • eBook Packages: Computer Science, Computer Science (R0)