Abstract
Security threats to computer systems, such as viruses, denial of service, vulnerability break-ins, etc., have increased immensely in the recent past. While many security mechanisms have been introduced to counter these threats, none of the reported techniques could completely prevent these attacks. This work presents an appreciable improvement in intrusion detection using flow-based analysis of network traffic to detect DoS and DDoS attacks. Aggregating packets that belong to the same flow reduces processing overhead in systems. The method is based on anomaly detection and uses adaptive threshold values in the detection unit. For illustrative purposes, the DARPA 1999 data set is used.
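The following sketch illustrates the two ideas named in the abstract, flow aggregation and an adaptive detection threshold. It is an added example, not the authors' algorithm: the EWMA mean-plus-k-standard-deviations threshold, the 10-second window, the flows-per-destination feature and all names are assumptions, and the sample traffic is constructed.

```python
import math
from collections import Counter, defaultdict

def aggregate_flows(packets, window=10):
    """Collapse packets into 5-tuple flows: {window: {flow_key: packet_count}}."""
    flows = defaultdict(lambda: defaultdict(int))
    for ts, src, dst, sport, dport, proto in packets:
        flows[int(ts // window)][(src, dst, sport, dport, proto)] += 1
    return flows

class AdaptiveThreshold:
    """EWMA mean/variance; threshold = mean + k * stddev (assumed scheme)."""
    def __init__(self, alpha=0.2, k=3.0, warmup=5):
        self.alpha, self.k, self.warmup = alpha, k, warmup
        self.mean, self.var, self.n = 0.0, 0.0, 0

    def threshold(self):
        return self.mean + self.k * math.sqrt(self.var)

    def observe(self, x):
        """Return True if x is anomalous; learn only from normal samples."""
        if self.n >= self.warmup and x > self.threshold():
            return True  # attack traffic must not raise the baseline
        if self.n == 0:
            self.mean = float(x)
        else:
            diff = x - self.mean
            self.mean += self.alpha * diff
            self.var = (1 - self.alpha) * (self.var + self.alpha * diff * diff)
        self.n += 1
        return False

def detect(packets, window=10):
    """Return (window, dst, flow_count) where flows per destination exceed the threshold."""
    flows = aggregate_flows(packets, window)
    detectors, alerts = defaultdict(AdaptiveThreshold), []
    for w in sorted(flows):
        per_dst = Counter(key[1] for key in flows[w])  # one count per flow, not per packet
        for dst, count in per_dst.items():
            if detectors[dst].observe(count):
                alerts.append((w, dst, count))
    return alerts

def sample_packets():
    """Constructed traffic: 10 quiet windows, then 200 one-packet flows in window 10."""
    pkts = [(w * 10 + i, f"192.0.2.{i}", "10.0.0.5", 40000 + i, 80, "tcp")
            for w in range(10) for i in range(5 + w % 3) for _ in range(4)]
    pkts += [(100 + i / 50, f"198.51.100.{i}", "10.0.0.5", 1024 + i, 80, "tcp")
             for i in range(200)]
    return pkts
```

The detector works on one counter per flow rather than per packet, which is where the reduction in processing overhead comes from; samples judged anomalous are excluded from the baseline update so a sustained flood does not teach the detector that the flood is normal.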
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
David, J., Thomas, C. (2011). Intrusion Detection Using Flow-Based Analysis of Network Traffic. In: Meghanathan, N., Kaushik, B.K., Nagamalai, D. (eds) Advances in Networks and Communications. CCSIT 2011. Communications in Computer and Information Science, vol 132. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17878-8_40
DOI: https://doi.org/10.1007/978-3-642-17878-8_40
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17877-1
Online ISBN: 978-3-642-17878-8
eBook Packages: Computer Science, Computer Science (R0)