Detection and Classification of DDoS Attacks Using Fuzzy Inference System

  • Conference paper
Recent Trends in Network Security and Applications (CNSA 2010)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 89)

Abstract

A DDoS attack saturates a network by overwhelming its resources with an immense volume of traffic, preventing legitimate users from accessing those resources. When an Intrusion Detection System is deployed against such traffic, it generates a huge number of alerts, a mixture of False Positives and True Positives. Because of the volume of attack traffic, False Positives may outnumber True Positives, which makes it difficult for the network analyst to identify the actual attack and take remedial action. This paper focuses on the development of an alert classification system that separates False Positives from True Positives related to DDoS attacks. It consists of five phases: Attack Generation, Alert Collection, Alert Fusion, Alert Generalization and Alert Classification. In Attack Generation, DDoS attacks are generated in an experimental testbed. In Alert Collection, the Snort IDS generates alerts for the traffic in the testbed and these alerts are collected. In Alert Fusion, repeated alerts are fused together into meta alerts. In Alert Generalization, the alerts indicating traffic towards the servers are selected for further analysis. In Alert Classification, a fuzzy inference system classifies the alerts as True Positives or False Positives. Eliminating the False Positives reduces the burden on the network analyst. The system is evaluated on the experimental testbed.
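The abstract names the phases but does not give the fusion key, the fuzzy input variables, the membership functions or the rule base. The script below is an added illustration of phases two to five (Alert Collection, Fusion, Generalization, Classification) written for this page; it is not the authors' code and does not reproduce their fuzzy model. Everything beyond the phase structure is an assumption: the alert lines are constructed in Snort's "fast" output format, the server set `SERVERS`, the fusion key (signature id, protocol, destination, destination port), the two fuzzy inputs (alert rate and number of distinct sources), the ramp membership breakpoints, the zero-order Sugeno rule consequents and the 0.5 decision threshold are all choices made for the example.

```python
import re
from datetime import datetime

# Constructed Snort "fast"-format alert lines (illustrative sample, not a real capture).
SAMPLE_ALERTS = """\
01/12-10:15:01.000000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.11:40001 -> 192.168.1.10:80
01/12-10:15:01.100000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.12:40002 -> 192.168.1.10:80
01/12-10:15:01.200000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.13:40003 -> 192.168.1.10:80
01/12-10:15:01.300000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.14:40004 -> 192.168.1.10:80
01/12-10:15:01.400000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.11:40005 -> 192.168.1.10:80
01/12-10:15:01.500000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.12:40006 -> 192.168.1.10:80
01/12-10:15:01.600000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.13:40007 -> 192.168.1.10:80
01/12-10:15:01.700000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.14:40008 -> 192.168.1.10:80
01/12-10:16:30.500000  [**] [1:1000003:1] ICMP PING [**] [Classification: Misc activity] [Priority: 3] {ICMP} 10.0.0.50 -> 192.168.1.10
01/12-10:20:00.000000  [**] [1:1000002:1] DNS query flood [**] [Priority: 2] {UDP} 10.0.0.21:53001 -> 192.168.1.20:53
01/12-10:20:05.000000  [**] [1:1000002:1] DNS query flood [**] [Priority: 2] {UDP} 10.0.0.22:53002 -> 192.168.1.20:53
01/12-10:20:10.000000  [**] [1:1000002:1] DNS query flood [**] [Priority: 2] {UDP} 10.0.0.23:53003 -> 192.168.1.20:53
01/12-10:21:00.000000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.31:41000 -> 192.168.1.77:445
01/12-10:21:00.050000  [**] [1:1000001:1] TCP SYN flood [**] [Priority: 2] {TCP} 10.0.0.32:41001 -> 192.168.1.77:445
"""

# Assumption: the servers the testbed protects; only alerts aimed at these survive generalization.
SERVERS = {"192.168.1.10", "192.168.1.20"}

# Snort fast format: "MM/DD-HH:MM:SS.us  [**] [gid:sid:rev] msg [**] [Classification: c] [Priority: n] {PROTO} src[:port] -> dst[:port]"
ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>\w+)\}\s+(?P<src>[\d.]+)(?::(?P<sport>\d+))?\s+->\s+(?P<dst>[\d.]+)(?::(?P<dport>\d+))?$"
)

def parse_alerts(text):
    """Alert Collection: turn Snort fast-format lines into dicts, skipping lines that do not parse."""
    alerts = []
    for line in text.splitlines():
        m = ALERT_RE.match(line.strip())
        if m:
            a = m.groupdict()
            a["ts"] = datetime.strptime(a["ts"], "%m/%d-%H:%M:%S.%f")  # fast format carries no year
            alerts.append(a)
    return alerts

def fuse_alerts(alerts):
    """Alert Fusion: repeats of one signature against one target become a single meta alert."""
    meta = {}
    for a in alerts:
        key = (a["sid"], a["proto"], a["dst"], a["dport"])  # assumed fusion key
        m = meta.setdefault(key, {"msg": a["msg"], "dst": a["dst"], "dport": a["dport"], "count": 0,
                                  "sources": set(), "first": a["ts"], "last": a["ts"]})
        m["count"] += 1
        m["sources"].add(a["src"])
        m["first"], m["last"] = min(m["first"], a["ts"]), max(m["last"], a["ts"])
    return list(meta.values())

def generalize(meta_alerts, servers=SERVERS):
    """Alert Generalization: keep only meta alerts describing traffic towards the servers."""
    return [m for m in meta_alerts if m["dst"] in servers]

def high(x, a, b):
    """Ramp membership for 'high': 0 at or below a, 1 at or above b, linear in between."""
    return 0.0 if x <= a else 1.0 if x >= b else (x - a) / (b - a)

def classify(meta):
    """Alert Classification: zero-order Sugeno fuzzy inference on alert rate and source spread.
    Inputs, membership breakpoints and rule consequents are assumptions, not the paper's values."""
    duration = max((meta["last"] - meta["first"]).total_seconds(), 1.0)  # 1 s floor: a lone alert has no span
    rate, n_src = meta["count"] / duration, len(meta["sources"])
    rate_hi, src_hi = high(rate, 1, 10), high(n_src, 1, 5)   # alerts per second, distinct sources
    rate_lo, src_lo = 1.0 - rate_hi, 1.0 - src_hi
    rules = [(min(rate_hi, src_hi), 0.95),   # fast and widely sourced: flood
             (min(rate_hi, src_lo), 0.60),   # fast from few hosts: likely attack, possibly a broken client
             (min(rate_lo, src_hi), 0.40),   # slow but spread out: scan or background noise
             (min(rate_lo, src_lo), 0.05)]   # slow and single-sourced: noise
    score = sum(w * z for w, z in rules) / sum(w for w, _ in rules)  # weighted-average defuzzification
    return score, ("TP" if score >= 0.5 else "FP")

def run_pipeline(text, servers=SERVERS):
    """Phases two to five end to end; returns {(msg, dst): summary} for every meta alert that was classified."""
    out = {}
    for m in generalize(fuse_alerts(parse_alerts(text)), servers):
        score, label = classify(m)
        out[(m["msg"], m["dst"])] = {"count": m["count"], "sources": len(m["sources"]),
                                     "score": round(score, 3), "label": label}
    return out

if __name__ == "__main__":
    for key, summary in run_pipeline(SAMPLE_ALERTS).items():
        print(key, summary)
```

On the constructed sample the eight SYN-flood alerts from four sources against 192.168.1.10 fuse into one meta alert that scores about 0.67 and is labelled TP; the lone ICMP alert (0.05) and the three slow DNS alerts (0.225) are labelled FP; the SYN-flood alerts against 192.168.1.77 never reach classification because that host is not in the server set. Two practical points follow from the structure. First, generalization is a hard filter, so an incomplete server list silently discards true positives; keep that list under change control. Second, the fusion key and the membership breakpoints are what decide the outcome, so they must be tuned against labelled testbed traffic rather than taken from an example like this one.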

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Subbulakshmi, T., Mercy Shalinie, S., Suneel Reddy, C., Ramamoorthi, A. (2010). Detection and Classification of DDoS Attacks Using Fuzzy Inference System. In: Meghanathan, N., Boumerdassi, S., Chaki, N., Nagamalai, D. (eds) Recent Trends in Network Security and Applications. CNSA 2010. Communications in Computer and Information Science, vol 89. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14478-3_25

  • DOI: https://doi.org/10.1007/978-3-642-14478-3_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14477-6

  • Online ISBN: 978-3-642-14478-3
