FUZZY MODELLING OF A NETWORK DENIAL OF SERVICE (DOS) ATTACK PHENOMENON.

This paper presents a fuzzy model of the characteristics of a network Denial of Service (DoS) attack. Conventional methods for achieving the same purpose are reviewed, and the need for a fuzzy logic approach, as well as an improved mechanism for generating the fuzzy inference rules, is outlined. The paper also discusses the basic concepts of fuzzy logic and fuzzy systems and the reasons for their adoption in modern control operations. DoS attack detection is examined using some basic traffic characteristics as its inputs: bitrates, entropy and the Hurst exponent. An attack trace file collected at the edge router of the Computer Science Department, University of California Los Angeles, was used to develop the fuzzy inference model. The data set was partitioned into a training dataset and a testing dataset. The fuzzy concept learning system (FCLS) algorithm was used to construct the fuzzy decision tree from the trace files, and inference rules were then generated from the constructed decision tree. The simulation and evaluation of the fuzzy model were performed with the testing dataset.

KEY WORDS: Fuzzy concept learning system (FCLS), Hurst parameter (H), Entropy (E), Fuzzy system (FS), Certainty factors (CF), Fuzzy attribute (FA), Membership function (MF).

1.0. INTRODUCTION
