A case study: Using architectural features to improve sophisticated denial-of-service attack detections | IEEE Conference Publication | IEEE Xplore

Abstract:

Network-based intrusion detection systems (NIDSs) use application features such as port numbers to detect attacks coming from networks. Host-based intrusion detection systems (HIDSs) use system calls and operating-system-related information to detect intrusions against a host. However, the relationship between hardware architecture events and denial-of-service (DoS) attacks has not been well explored. As increasingly sophisticated intrusions emerge, some attacks are able to bypass both the application-level and the operating-system-level feature monitors. Therefore, a more effective solution is required to enhance existing HIDSs. In this paper, we identify the following hardware architecture features: instruction count, cache miss, and bus traffic, and integrate them into a novel HIDS framework based on a modern statistical gradient boosting trees model. Through the integration of application-, operating-system- and architecture-level features, our proposed HIDS demonstrates a significant improvement in the detection rate for sophisticated DoS intrusions.
Date of Conference: 30 March 2009 - 02 April 2009
Date Added to IEEE Xplore: 15 May 2009
Print ISBN: 978-1-4244-2769-7
Conference Location: Nashville, TN, USA

I. Introduction

Denial-of-service (DoS) attacks pose a serious threat to the availability and quality of Internet services [15]. They exhaust limited resources such as network bandwidth, DRAM space, CPU cycles, or specific protocol data structures, inducing service degradation or outage in computing infrastructures for the clients. System downtime resulting from DoS attacks could lead to million-dollar losses.
