Network intrusion detection in covariance feature space
Interconnected systems such as web servers and database servers are now under threat from network attackers. A denial-of-service (DoS) attack is one such threat; it severely degrades the availability of a victim, which can be a host, a router, or an entire network. Attackers impose computationally intensive tasks on the victim by flooding it with a huge number of useless packets. The victim can be forced out of service for anywhere from a few minutes to several days, which seriously damages the services running on it. Effective detection of DoS attacks is therefore essential for protecting online services. This work uses a traffic classification scheme designed to improve classification performance when little training data is available. Traffic flows are described using discretized statistical features, and traffic flow information is extracted. A traffic classification method is proposed that aggregates the naïve Bayes predictions of the traffic flows. Because the classification scheme is based on posterior conditional probabilities, it can identify attacks occurring in uncertain situations. The experimental results show that the proposed scheme classifies packets more efficiently than existing traffic classification methods and achieves 92.34% accuracy.
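The following is an added example, not code from the paper: it classifies a group of related flows by aggregating naïve Bayes posteriors computed over discretized flow features. The two features, the bin edges, the sample flows and the sum-of-log-posteriors aggregation rule are assumptions, since the abstract does not specify them.

```python
import math
from collections import Counter, defaultdict

class DiscreteNB:
    """Naive Bayes over discretized flow features with Laplace smoothing."""
    def __init__(self, edges):
        self.edges = edges  # one sorted list of bin edges per feature

    def _bins(self, flow):
        # Discretize: bin index = number of edges the value reaches or exceeds.
        return [sum(v >= e for e in edges) for v, edges in zip(flow, self.edges)]

    def fit(self, flows, labels):
        self.classes = sorted(set(labels))
        self.prior = Counter(labels)
        self.counts = defaultdict(Counter)  # (class, feature index) -> bin counts
        for flow, y in zip(flows, labels):
            for i, b in enumerate(self._bins(flow)):
                self.counts[(y, i)][b] += 1
        return self

    def log_posterior(self, flow):
        """Return normalized log P(class | flow) for every class."""
        total = sum(self.prior.values())
        scores = {}
        for c in self.classes:
            s = math.log(self.prior[c] / total)
            for i, b in enumerate(self._bins(flow)):
                n_bins = len(self.edges[i]) + 1
                s += math.log((self.counts[(c, i)][b] + 1) / (self.prior[c] + n_bins))
            scores[c] = s
        m = max(scores.values())
        z = m + math.log(sum(math.exp(v - m) for v in scores.values()))
        return {c: v - z for c, v in scores.items()}

def classify_bag(model, bag):
    """Aggregate per-flow posteriors by summing log-probabilities (assumed rule)."""
    agg = Counter()
    for flow in bag:
        for c, lp in model.log_posterior(flow).items():
            agg[c] += lp
    return max(agg, key=agg.get)

# Constructed sample data: (packets per second, mean packet size in bytes)
EDGES = [[100, 1000], [200, 800]]
TRAIN = [(20, 600), (50, 900), (80, 500), (5000, 60), (8000, 64), (3000, 70)]
LABELS = ["normal", "normal", "normal", "dos", "dos", "dos"]
MODEL = DiscreteNB(EDGES).fit(TRAIN, LABELS)
```

Under this constructed model the single flow `(60, 100)` scores 0.5 for each class, yet the bag that groups it with two high-rate flows is labelled `dos`, which is the benefit of aggregating over related flows when training data is scarce.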