An Effective Feature Generation Method for Distributed Denial of Service Attack Detection using Entropy

Kim, Tae-Hun (Graduate School of Information Management and Security, Korea University)
Seo, Ki-Taek (Graduate School of Information Management and Security, Korea University)
Lee, Young-Hoon (Graduate School of Information Management and Security, Korea University)
Lim, Jong-In (Graduate School of Information Management and Security, Korea University)
Moon, Jong-Sub (Graduate School of Information Management and Security, Korea University)

References
1. Mark Hall, Eibe Frank, Geoffrey Holmes, Bernhard Pfahringer, Peter Reutemann and H. Ian, "The WEKA data mining software," SIGKDD Explorations, vol. 11, no. 1, pp. 10-18, Jun. 2009.
2. S Terry Brugger and Jedadiah Chow, "An assessment of the DARPA IDS evaluation dataset using snort," UCDAVIS department of Computer Science, May 2007.
3. MH Lee and CH Ryu, "Internet and security issue," National Internet Development Agency of Korea, vol. 1, Sep. 2009.
4. C.E. Shannon and W. Weaver, "The mathematical theory of communication," University of Illinois Press, 1963.
5. Laura Feinstein and Dan Schnackenberg, "Statistical approaches to DDoS attack detection and Response," IEEE Computer Society, 2003.
6. Liying Li and Jianying Zhou, "DDoS attack detection algorithms based on entropy computing," ICICS Electronic Edition, pp. 452-466, 2007.
7. KS Lee, JH Kim, and KH Kwon, "DDoS attack detection method using cluster analysis," Science Direct Expert Systems with Application 34, 2008.
8. J.H. Ward Jr., "Hierarchical grouping to optimize an objective function," Journal of the American Statistical Association, vol. 58, pp. 236-244, Mar. 1963.
9. GJ Park, "Internet security incident trends and analysis," Korea Internet Security Center, Dec. 2009.
10. Mindi McDowell, "Understanding denial of service attacks," US-CERT, Cyber Security ST04-015, Nov. 2004.
11. MIT/LL 2000 DARPA Intrusion Detection Scenario Specific Data Sets, http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/2000data.html
12. TH Kim and DS Kim, "Detecting DDoS attacks using dispersible traffic matrix and weighted moving average," Advances in Information Security and Assurance, pp. 290-300, Jun. 2009.
13. B Cha and D Lee, "Network-based anomaly intrusion detection improvement by bayesian network and indirect relation," Lecture Notes in Computer Science, pp. 141-148, Sep. 2007.
14. S Benferhat and K Tabia, "Novel and anomalous behavior detection using bayesian network classifiers," International Conference on Security and Cryptography, 2008.
15. CK Han and HK Choi, "An anomalous event detection system based on information theory," Korean Institute of Information Scientists and Engineers, Information Communication vol. 36-3, Jun. 2009.
16. SAS Institute Inc, "Cubic clustering criterion," SAS Technical Report A-108, 56p, Nov. 1983.
17. CH Park, "Efficient linear and nonlinear feature extraction and its application to fingerprint classification," University of Minnesota, 129p, 2004.
18. MH Chung, JI Cho, SY Chae and JS Moon, "An efficient method for detecting denial of service attacks using kernel based data," Journal of the Korea Institute of Information Security and Cryptology, vol. 19, no. 1, pp. 71-79, Feb. 2009.
19. N. Friedman, D. Geiger, and M. Goldszmidt, "Bayesian network classifiers," Machine Learning 29, pp. 131-163, Nov. 1997.
20. T. Joachims, "Making large-scale support vector machine learning practical, Advances in kernel methods: support vector learning," MIT Press, pp. 169-184, 1999.
21. Ping Du and Shunji Abe, "IP packet size entropy-based scheme for detection of DoS/DDoS attacks," IEICE Trans. INF. & SYST., vol. E91-D, no. 5, May 2008.
22. http://www.sinet.ad.jp/what-is-the-science-information-network-sinet