Sciweavers

SAC
2004
ACM

Towards multisensor data fusion for DoS detection

14 years 5 months ago
Towards multisensor data fusion for DoS detection
In our present work we introduce the use of data fusion in the field of DoS anomaly detection. We present DempsterShafer’s Theory of Evidence (D-S) as the mathematical foundation for the development of a novel DoS detection engine. Based on a data fusion paradigm, we combine multiple evidence generated from simple heuristics to feed our D-S inference engine and attempt to detect flooding attacks. Our approach has as its main advantages the modeling power of Theory of Evidence in expressing beliefs in some hypotheses, the ability to add the notions of uncertainty and ignorance in the system and the quantitative measurement of the belief and plausibility in our detection results. We evaluate our detection engine prototype through a set of experiments, that were conducted with real network traffic and with the use of common DDoS tools. We conclude that data fusion is a promising approach that could increase the DoS detection rate and decrease the false alarm rate. Categories and Subj...
Christos Siaterlis, Basil S. Maglaris
Added 30 Jun 2010
Updated 30 Jun 2010
Type Conference
Year 2004
Where SAC
Authors Christos Siaterlis, Basil S. Maglaris
Comments (0)