Sun Qindong,Zhang Deyun,Gao Peng,Zhang Xiao
(School of Electronics and Information Engineering,Xi'an Jiaotonng University,Xi'an 710049,Chinaa)
Abstract:Aiming at the characterstic of denial-of-service (DOS) attacks, a novel algorithm is proposed to detect and defeat DOS attacks. Through analyzing the frequency and dispersion of alerts, the DOS attacks are detected. To defeat the attacks, the stateful inspection is switched from normal mode to emergency mode by the staged switch method and packets that don’t belong to a normal TCP session are dropped. Performance analysis and experiments demonstrate that the algorithm can discover the DOS attacks in time and effectively protect network intrusion detection systems.
Keywords:intrusion detection;denial-of-service attacks;stateful inspection