By Topic

Review Over Anomaly Detection Algorithms for Detecting SYN Flooding Attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Riaz A. Shaikh ; NUST Institute of Information technology, Rawalpindi, Pakistan. ; Ahmad Ali Iqbal ; Kashan Samad

Network anomalies usually refer to the conditions when network operations diverge from the normal behavior. Anomaly detection in an IP network is a very complex task, because it is dependent upon the nature of the data that is available for the analysis. In this paper we have given the overview of two statistical based anomaly detection algorithms that are adaptive threshold algorithm and cumulative SUM algorithm especially with respect to the anomaly that is occurred due to SYN flooding attacks. In the case of high intensity SYN flooding attacks both were good and have less false alarm ratio where as in the case of low intensity attacks adaptive threshold algorithm performance degrade and shows high false alarm where as in the case of cumulative sum algorithm its performance remain same with lesser false alarm ratio.

Published in:

Engineering Sciences and Technology, 2005. SCONEST 2005. Student Conference on

Date of Conference:

27-27 Aug. 2005