Design and Implementation of an Improved Denial of Service (DoS) Detection System using Association Rule

Olasehinde Olayemi, Olayemi Olufunke, Aliyu E. Olubunmi. Published in Information Sciences.

Communications on Applied Electronics
Year of Publication: 2015
Publisher: Foundation of Computer Science (FCS), NY, USA
Authors: Olasehinde Olayemi, Olayemi Olufunke, Aliyu E. Olubunmi
DOI: 10.5120/cae2015651993

Olasehinde Olayemi, Olayemi Olufunke and Aliyu E Olubunmi. Article: Design and Implementation of an Improved Denial of Service (DoS) Detection System using Association Rule. Communications on Applied Electronics 3(7):24-29, December 2015. Published by Foundation of Computer Science (FCS), NY, USA.

BibTeX

@article{key:article,
	author = {Olasehinde Olayemi and Olayemi Olufunke and Aliyu E. Olubunmi},
	title = {Article: Design and Implementation of an Improved Denial of Service (DoS) Detection System using Association Rule},
	journal = {Communications on Applied Electronics},
	year = {2015},
	volume = {3},
	number = {7},
	pages = {24-29},
	month = {December},
	note = {Published by Foundation of Computer Science (FCS), NY, USA}
}

Abstract

The need for an effective and efficient Denial of Service (DoS) detection system cannot be overemphasized. DoS attacks are a serious threat to the availability of internet services: instead of subverting services, they limit and block legitimate users' access by exhausting the victim server’s resources or saturating the stub network's access links to the internet services. Hence association rule mining, a supervised data learning technique which has the advantage of generating explainable rules, was used to build a classifier for detecting some denial of service attacks. A case study was carried out on the International Knowledge Discovery and Data Mining (KDD ’99) tools intrusion detection dataset for benchmarking the design of intrusion detection systems. The average classification rate for unpruned rules is 63.16% while that of the pruned rules is 96.6%. The result revealed that pruned rule sets have better classification performance than the unpruned rule set.

Keywords

Intrusion detection system (IDS); Distributed Denial of Service (DDoS); Association rule; Knowledge Discovery Database (KDD); Rule Pruning