All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Windower: Feature Extraction for Real-Time DDoS Detection Using Machine Learning

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F24%3A10133620" target="_blank" >RIV/63839172:_____/24:10133620 - isvavai.cz</a>

  • Result on the web

    <a href="https://ieeexplore.ieee.org/document/10575699" target="_blank" >https://ieeexplore.ieee.org/document/10575699</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1109/NOMS59830.2024.10575699" target="_blank" >10.1109/NOMS59830.2024.10575699</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Windower: Feature Extraction for Real-Time DDoS Detection Using Machine Learning

  • Original language description

    Distributed Denial of Service (DDoS) attacks are an ever-increasing type of security incident on modern computer networks. To tackle the issue, we propose Windower, a feature-extraction method for real-time network-based intrusion (particularly DDoS) detection. Our stream data mining module employs a sliding window principle to compute statistical information directly from network packets. Furthermore, we summarize several such windows and compute inter-window statistics to increase detection reliability. Summarized statistics are then fed into an ML-based attack discriminator. If an attack is recognized, we drop the consequent attacking source&apos;s traffic using simple ACL rules. The experimental results evaluated on several datasets indicate the ability to reliably detect an ongoing attack within the first six seconds of its start and mitigate 99 % of flood and 92 % of slow attacks while maintaining false positives below 1 %. In contrast to state-of-the-art, our approach provides greater flexibility by achieving high detection performance and low resources as flow-based systems while offering prompt attack detection known from packet-based solutions. Windower thus brings an appealing trade-off between attack detection performance, detection delay, and computing resources suitable for real-world deployments.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    <a href="/en/project/LM2023054" target="_blank" >LM2023054: e-Infrastructure CZ</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2024

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    PROCEEDINGS OF 2024 IEEE/IFIP NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, NOMS 2024

  • ISBN

    979-8-3503-2793-9

  • ISSN

    1542-1201

  • e-ISSN

  • Number of pages

    10

  • Pages from-to

    1-10

  • Publisher name

    IEEE

  • Place of publication

    Seoul, Republic of Korea

  • Event location

    Seoul, South Korea

  • Event date

    May 6, 2024

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    001270140300170

Similar results(10)

Windower: Feature Extraction for Real-Time DDoS Detection Using Machine LearningInformed DDoS Mitigation at 100 Gb/sCo-FQL: Anomaly detection using cooperative fuzzy Q-learning in network