SYN Flood Attack Detection Usiing AR Model
Ghazy, R., El-Rabaie, E., Dessouky, M., El-Fishawy, N., Abd El-Samie, F. (2019). SYN Flood Attack Detection Usiing AR Model. EKB Journal Management System, 28(1), 85-92. doi: 10.21608/mjeer.2019.62725
Rania Ghazy; el-sayed El-Rabaie; Moawad Dessouky; Nawal El-Fishawy; Fathi Abd El-Samie. "SYN Flood Attack Detection Usiing AR Model". EKB Journal Management System, 28, 1, 2019, 85-92. doi: 10.21608/mjeer.2019.62725
Ghazy, R., El-Rabaie, E., Dessouky, M., El-Fishawy, N., Abd El-Samie, F. (2019). 'SYN Flood Attack Detection Usiing AR Model', EKB Journal Management System, 28(1), pp. 85-92. doi: 10.21608/mjeer.2019.62725
Ghazy, R., El-Rabaie, E., Dessouky, M., El-Fishawy, N., Abd El-Samie, F. SYN Flood Attack Detection Usiing AR Model. EKB Journal Management System, 2019; 28(1): 85-92. doi: 10.21608/mjeer.2019.62725

SYN Flood Attack Detection Usiing AR Model

Menoufia Journal of Electronic Engineering Research
Article 5, Volume 28, Issue 1, January 2019, Page 85-92  XML PDF (417.16 K)
Document Type: Original Article
DOI: 10.21608/mjeer.2019.62725
View on SCiNiTO View on SCiNiTO
Authors
Rania Ghazy* 1; el-sayed El-Rabaie1; Moawad Dessouky1; Nawal El-Fishawy2; Fathi Abd El-Samie1
1Dept. of Electronics and Electrical Communications, Faculty of Electronic Engineering, Menoufia University.
2Computer Science and Eng., Faculty of Electronic Eng., Menoufia University.
Abstract
Due to the sophisticated characteristics of auto-regressive (AR)
modeling approach, it finds applications in most anomaly detection
processes. This paper extends the concept of AR modeling to
create models for the estimated auto-correlation between data and
control planes packet counts of the network traffic. These models
are fed with the anomaly traffic containing SYN flood attack. The
estimated residuals in these scenarios are used as indicators for
the attacks. Simulation results revealed the success of attack
detection using the proposed approach.
Keywords
auto-regressive; control planes and network traffic
References
h: 0px; "> [1] M. Manna and A. Amphawan “Review Of Syn-Flooding Attack Detection
Mechanism,” International Journal of Distributed and Parallel Systems
(IJDPS), Vol.3, No.1, January 2012.
[2] https://en.wikipedia.org/wiki/SYN_flood (Access date Dec. 3, 2017)
[3] B. AsSadhan, H. Kim, J. Moura, and X. Wang, “Network Traffic Behavior
Analysis by Decomposition into Control and Data Planes,"
InternationalWorkshop on Security in Systems and Networks (SSN) with
conjunction of IEEE International Parallel and Distributed Processing
Symposium (IPDPS), Miami, FL, USA, Apr. 18, 2008.
[4] http://en.wikipedia.org/wiki/Cross-correlation (Access date Dec.
3, 2017.
[5] A. Aibinu and J. Salami, A. Shafie , A. Najeeb “Comparing Autoregressive
Moving Average (ARMA) coefficients determination using Artificial
Neural Networks with other techniques” World Academy of Science,
Engineering and Technology, 18, 2008.
[6] http://en.wikipedia.org/wiki/Autoregressive_model (Access
date Dec. 3, 2017).

Statistics
Article View: 96
PDF Download: 229