Curtin University Homepage
  • Library
  • Help
    • Admin

    espace - Curtin’s institutional repository

    JavaScript is disabled for your browser. Some features of this site may not work without it.
    View Item 
    • espace Home
    • espace
    • Curtin Research Publications
    • View Item
    • espace Home
    • espace
    • Curtin Research Publications
    • View Item

    Identifying DOS attacks using data pattern analysis

    118194_10768_HA Identifying DOS attacks using data pattern analysis.pdf (590.6Kb)
    Access Status
    Open access
    Authors
    Salem, Mohammed
    Armstrong, Helen
    Date
    2008
    Type
    Conference Paper
    
    Metadata
    Show full item record
    Citation
    Salem, Mohammed and Armstrong, Helen. 2008. Identifying DOS attacks using data pattern analysis, in Craig Valli and Andrew Woodward (ed), The 6th Australian Information Security Management Conference, Dec. 1 2008, pp. 118-129.Perth, Australia: SECAU - Security Research Centre
    Source Title
    Proceedings of the 6th Australian information security management conference
    Source Conference
    The 6th Australian Information Security Management Conference
    ISBN
    9780729806657
    Faculty
    Curtin Business School
    School of Information Systems
    URI
    http://hdl.handle.net/20.500.11937/24963
    Collection
    • Curtin Research Publications
    Abstract

    During a denial of service attack, it is difficult for a firewall to differentiate legitimate packets from rogue packets, particularly in large networks carrying substantial levels of traffic. Large networks commonly use network intrusion detection systems to identify such attacks, however new viruses and worms can escape detection until their signatures are known and classified as an attack. Commonly used IDS are rule based and static, and produce a high number of false positive alerts. The aim of this research was to determine if it is possible for a firewall to self-learn by analysing its own traffic patterns. Statistical analyses of firewall logs for a large network were carried out and a baseline determined. Estimated traffic levels were projected using linear regresssion and Holt-Winter methods for comparison with the baseline. Rejected traffic falling outside the projected level for the network under study could indicate an attack. The results of the research were positive with variance from the projected rejected packet levels successfully indicating an attack in the test network.

    Related items

    Showing items related by title, author, creator and subject.

    • Chaos Theory Based Detection against Network Mimicking DDoS Attacks
      Chonka, A.; Singh, Jaipal; Zhou, W. (2009)
      DDoS attack traffic is difficult to differentiate from legitimate network traffic during transit from the attacker, or zombies, to the victim. In this paper, we use the theory of network self-similarity to differentiate ...
    • DoSTDM: A denial of service detection model using firewall data traffic pattern matching
      Ahmad Salem, Mohammed Ali Mohammed (2013)
      This research deals with Denial of Service (DoS) flooding attacks. These types of attacks toward internet connected networks are on the rise. The research proposes a model that triangulate between statistical and neural ...
    • Can we predict atmospheric PM2.5 concentration more accurately?
      Jian, Le; Chan, Kit Yan (2012)
      Air pollution is a major concern in many counties. Air pollution levels are usually determined by the concentrations of air pollutants such as nitrogen dioxide, sulphur dioxide, carbon monoxide, ozone and particulate ...
    Advanced search

    Browse

    Communities & CollectionsIssue DateAuthorTitleSubjectDocument TypeThis CollectionIssue DateAuthorTitleSubjectDocument Type

    My Account

    Admin

    Statistics

    Most Popular ItemsStatistics by CountryMost Popular Authors

    Follow Curtin

    • 
    • 
    • 
    • 
    • 

    CRICOS Provider Code: 00301JABN: 99 143 842 569TEQSA: PRV12158

    Copyright | Disclaimer | Privacy statement | Accessibility

    Curtin would like to pay respect to the Aboriginal and Torres Strait Islander members of our community by acknowledging the traditional owners of the land on which the Perth campus is located, the Whadjuk people of the Nyungar Nation; and on our Kalgoorlie campus, the Wongutha people of the North-Eastern Goldfields.