Detection and classification of slow DoS attacks targeting network servers

Abstract

Low-rate denial of service attacks are considered a serious threat for network systems. In this paper, we investigate such topic, by proposing a novel anomaly-based intrusion detection system. We validate the proposed system and report the weaknesses we have found. By working from the attacker's perspective, we also try to elude the proposed algorithm. Results show that in order to avoid detection, the attacker would require high-bandwidth to perpetrate the attack. The proposed method should therefore be considered an efficient method to detect running Slow DoS Attacks.