Skip to main content
SpringerLink
Log in

A Machine-Synesthetic Approach to DDoS Network Attack Detection

  • Conference paper
  • First Online:
Intelligent Systems and Applications (IntelliSys 2019)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1038))

Included in the following conference series:

Abstract

In the authors’ opinion, anomaly detection systems, or ADS, seem to be the most perspective direction in the subject of attack detection, because these systems can detect, among others, the unknown (zero-day) attacks. To detect anomalies, the authors propose to use machine synesthesia. In this case, machine synesthesia is understood as an interface that allows using image classification algorithms in the problem of detecting network anomalies, making it possible to use non-specialized image detection methods that have recently been widely and actively developed. The proposed approach is that the network traffic data is “projected” into the image. It can be seen from the experimental results that the proposed method for detecting anomalies shows high results in the detection of attacks. On a large sample, the value of the complex efficiency indicator reaches 97%.

This report contains results of the research project supported by Russian Foundation for Basic Research, grants no. 18-07-01109, 16-47-330055.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Wu H., Luk R., Wong K., and Kwok K.: Interpreting TF-IDF term weights as making relevance decisions. ACM Transactions on Information Systems, vol. 26, no. 3, (2008).

References

  1. Mohiuddin, A., Abdun, N.M., Jiankun, H.: A survey of network anomaly detection techniques. J. Netw. Comput. Appl. 60, 19–31 (2016)

    Article  Google Scholar 

  2. Afontsev, E.: Network anomalies (2006). https://nag.ru/articles/reviews/15588/setevyie-anomalii.html

  3. Berestov, A.A.: Architecture of intelligent agents based on a production system to protect against virus attacks on the Internet. In: XV All-Russian Scientific Conference Problems of Information Security in the Higher School System, pp. 180–276 (2008)

    Google Scholar 

  4. Galtsev, A.V.: System analysis of traffic to identify anomalous network conditions: the thesis for the Candidate Degree of Technical Sciences, Samara (2013)

    Google Scholar 

  5. Kornienko, A.A., Slyusarenko, I.M.: Intrusion Detection Systems and Methods: Current State and Direction of Improvement (2008). http://citforum.ru/security/internet/ids_overview/

  6. Kussul, N., Sokolov, A.: Adaptive anomaly detection in the computer systems users behavior using Markov chains of variable order. Part 2: methods of detecting anomalies and the results of experiments. In: Informatics and Control Problems, no. 4, pp. 83–88 (2003)

    Google Scholar 

  7. Mirkes, E.M.: Neurocomputer: Draft Standard, pp. 150–176. Science, Novosibirsk (1999)

    Google Scholar 

  8. Tsvirko, D.A.: Prediction of a network attack route using production model methods (2012). http://academy.kaspersky.ru/downloads/academycup_participants/cvirko__d.ppt

  9. Somayaji, A.: Automated response using system-call delays. In: USENIX Security Symposium 2000, pp. 185–197 (2000)

    Google Scholar 

  10. Ilgun, K.: USTAT: a real-time intrusion detection system for UNIX. In: Proceedings 1993 IEEE Symposium on Research in Security and Privacy, pp. 16–28. IEEE (1992)

    Google Scholar 

  11. Eskin, E., Lee, W., Stolfo, S.J.: Modeling system calls for intrusion detection with dynamic window sizes. In: Proceedings DARPA Information Survivability Conference and Exposition II, DISCEX 2001, vol. 1, pp. 165–175. IEEE (2001)

    Google Scholar 

  12. Ye, N., Xu, M., Emran, S.M.: Probabilistic networks with undirected links for anomaly detection. In: 2000 IEEE Workshop on Information Assurance and Security, West Point, NY (2000)

    Google Scholar 

  13. Michael, C.C., Ghosh, A.: Two state-based approaches to program-based anomaly detection. ACM Trans. Inf. Syst. Secur. 5(2), 203–237 (2002)

    Article  Google Scholar 

  14. Garvey, T.D., Lunt, T.F.: Model-based intrusion detection. In: Proceedings of the 14th Nation Computer Security Conference, Baltimore, MD, vol. 17 (1991)

    Google Scholar 

  15. Theus, M., Schonlau, M.: Intrusion detection based on structural zeroes. Stat. Comput. Graph. Newsl. 9(1), 12–17 (1998)

    Google Scholar 

  16. Tan, K.: The application of neural networks to UNIX computer security. In: IEEE International Conference on Neural Networks, Perth, Australia, vol. 1, pp. 476–481 (1995)

    Google Scholar 

  17. Ilgun, K., Kemmerer, R.A., Porras, P.A.: State transition analysis: a rule-based intrusion detection system. IEEE Trans. Softw. Eng. 21(3), 181–199 (1995)

    Article  Google Scholar 

  18. Eskin, E.: Anomaly detection over noisy data using learned probability distributions. In: 17th International Conference on Machine Learning, pp. 255–262. Morgan Kaufmann, San Francisco (2000)

    Google Scholar 

  19. Ghosh, K., Schwartzbard, A., Schatz, M.: Learning program behavior profiles for intrusion detection. In: 1st USENIX Workshop on Intrusion Detection and Network Monitoring, Santa Clara, California, pp. 51–62 (1999)

    Google Scholar 

  20. Ye, N.: A Markov chain model of temporal behavior for anomaly detection. In: 2000 IEEE Systems, Man, and Cybernetics, Information Assurance and Security Workshop. IEEE (2000)

    Google Scholar 

  21. Axelsson, S.: The base-rate fallacy and its implications for the difficulty of intrusion detection. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, pp. 1–7. ACM, New York (1999). https://doi.org/10.1145/319709.319710

  22. Chikalov, I., Moshkov, M., Zielosko, B.: Optimization of decision rules based on methods of dynamic programming. Vestnik of Lobachevsky State University of Nizhni Novgorod 6, 195–200 (2010)

    Google Scholar 

  23. Chen, C.H.: Handbook of Pattern Recognition and Computer Vision. University of Massachusetts Dartmouth, Dartmouth (2015)

    Google Scholar 

  24. Gantmacher, F.R.: The Theory of Matrices. Science, Moscow (1968)

    Google Scholar 

  25. Murty, M.N., Devi, V.S.: Pattern Recognition: An Algorithmic Approach, pp. 93–94. Springer, Heidelberg (2011)

    Book  Google Scholar 

  26. Lowe, D.G.: Distinctive image features from scale-invariant keypoints (2004). http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.157.3843&rep=rep1&type=pdf

  27. Clustering with K-means in Python (2013). https://datasciencelab.wordpress.com/2013/12/12/clustering-with-k-means-in-python

Download references

Author information

Authors and Affiliations

  1. Vladimir State University, 600000, Vladimir, Russia

    Yuri Monakhov, Oleg Nikitin, Anna Kuznetsova, Alexey Kharlamov & Alexandr Amochkin

Authors
  1. Yuri Monakhov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Oleg Nikitin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Anna Kuznetsova
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Alexey Kharlamov
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Alexandr Amochkin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Anna Kuznetsova .

Editor information

Editors and Affiliations

  1. School of Computing, Computer Science Research Institute, Ulster University, Newtownabbey, UK

    Yaxin Bi

  2. The Science and Information (SAI) Organization, Bradford, West Yorkshire, UK

    Rahul Bhatia

  3. The Science and Information (SAI) Organization, Bradford, West Yorkshire, UK

    Supriya Kapoor

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Monakhov, Y., Nikitin, O., Kuznetsova, A., Kharlamov, A., Amochkin, A. (2020). A Machine-Synesthetic Approach to DDoS Network Attack Detection. In: Bi, Y., Bhatia, R., Kapoor, S. (eds) Intelligent Systems and Applications. IntelliSys 2019. Advances in Intelligent Systems and Computing, vol 1038. Springer, Cham. https://doi.org/10.1007/978-3-030-29513-4_13

Download citation

Publish with us

Policies and ethics

Search

Navigation