Lecture content:
Detection of Denial-of-Service (DoS) attacks has attracted researchers since the 1990s. A variety of detection systems have been proposed to achieve this task. Unlike the existing approaches based on machine learning and statistical analysis, the proposed system treats traffic records as images and detection of DoS attacks as a computer vision problem. A multivariate correlation analysis approach is introduced to accurately depict network traffic records and to convert the records into the respective images. The images of network traffic records are used as the observed objects of our proposed DoS attack detection system, which is developed based on a widely used dissimilarity measure, namely Earth Mover's Distance (EMD). EMD takes cross-bin matching into account and provides a more accurate evaluation of the dissimilarity between distributions than some other well-known dissimilarity measures. These unique merits give our proposed system effective detection capabilities. To evaluate the proposed EMD-based detection system, ten-fold cross-validations are conducted using the KDD Cup 99 data set and the ISCX 2012 IDS Evaluation data set. The results presented in the system evaluation section illustrate that our detection system can detect unknown DoS attacks and achieves 99.95% detection accuracy on the KDD Cup 99 data set and 90.12% detection accuracy on the ISCX 2012 IDS Evaluation data set, with a processing capability of approximately 59,000 traffic records per second.
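To make the cross-bin matching point concrete, here is an added illustration (not the presenters' code) that compares EMD with a bin-by-bin L1 distance and applies a threshold against a normal profile. It is reduced to 1-D histograms rather than the images of traffic records the abstract describes; the histogram values, bin layout, function names and threshold are all constructed assumptions.

```python
from itertools import accumulate

def normalize(hist):
    """Scale a histogram to unit mass so both distances compare distributions."""
    total = float(sum(hist))
    if total <= 0:
        raise ValueError("histogram must have positive mass")
    return [h / total for h in hist]

def emd_1d(p, q):
    """EMD between two histograms over the same unit-spaced bins.

    With ground distance |i - j| in one dimension, the minimum transport
    cost equals the sum of absolute differences of the two CDFs.
    """
    if len(p) != len(q):
        raise ValueError("histograms must have the same number of bins")
    p, q = normalize(p), normalize(q)
    return sum(abs(a - b) for a, b in zip(accumulate(p), accumulate(q)))

def l1_binwise(p, q):
    """Bin-by-bin distance: compares only bins with the same index."""
    if len(p) != len(q):
        raise ValueError("histograms must have the same number of bins")
    p, q = normalize(p), normalize(q)
    return sum(abs(a - b) for a, b in zip(p, q))

# Constructed sample data: counts of one traffic feature per bin.
NORMAL = [0, 10, 60, 30, 0, 0, 0, 0]   # assumed profile of legitimate traffic
JITTER = [0, 0, 10, 60, 30, 0, 0, 0]   # same shape, shifted by one bin
FLOOD  = [0, 0, 0, 0, 0, 10, 60, 30]   # same shape, shifted by four bins

def classify(record, profile=NORMAL, threshold=2.0):
    """Flag a record whose EMD to the normal profile exceeds the threshold.
    The threshold is an assumed value chosen for this sample data."""
    return "attack" if emd_1d(record, profile) > threshold else "normal"

if __name__ == "__main__":
    for name, rec in (("jitter", JITTER), ("flood", FLOOD)):
        print(name, "L1=%.2f" % l1_binwise(NORMAL, rec),
              "EMD=%.2f" % emd_1d(NORMAL, rec), classify(rec))
```

The bin-by-bin distance saturates at 2.0 once the histograms stop overlapping, so it cannot tell how far the flood profile has moved, while EMD grows with the size of the shift (1.0 for the one-bin shift, 4.0 for the four-bin shift).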
Professor Xiangjian (Sean) He, as a Chief Investigator, has received various research grants including four national Research Grants awarded by Australian Research Council (A