Denial of service (DoS) and distributed denial of service (DDoS) attacks persist as significant challenges within the domain of cyber security, as they systematically saturate network resources and disrupt service availability. Traditional intrusion detection systems (IDS) frequently encounter issues characterized by elevated false positive rates and protracted response intervals. To enhance the defensive capabilities of networks against DoS and DDoS attacks, this manuscript proposes the implementation of an intelligent log-based intrusion detection system (IDS) that leverages statistical anomaly detection, real-time log analysis, and mechanisms designed to provide strategic advantages or ameliorate existing conditions. Logs originating from web servers, firewalls, intrusion detection systems, and anomaly detection mechanisms are comprehensively integrated into the overarching system. The implementation of a Security Information and Event Management (SIEM) framework ensures continuous monitoring, automated notifications, and proactive mitigation strategies, which encompass traffic filtering, rate limiting, and the blacklisting of IP addresses. Empirical assessments indicate that the proposed system represents a scalable and dependable methodology for safeguarding contemporary networks, as it enhances detection precision, minimizes false positives, and accelerates the process of threat mitigation.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Fortifying Networks against Volumetric Attacks Using an Intelligent Log-Centric Detection Approach

  • S. K. B. Pradeep Kumar Ch,
  • C. H. Sumathi Devi,
  • B. Aruna,
  • A. Rahul Kumar,
  • D. Ratna Kumari,
  • Zahrah Sataar

摘要

Denial of service (DoS) and distributed denial of service (DDoS) attacks persist as significant challenges within the domain of cyber security, as they systematically saturate network resources and disrupt service availability. Traditional intrusion detection systems (IDS) frequently encounter issues characterized by elevated false positive rates and protracted response intervals. To enhance the defensive capabilities of networks against DoS and DDoS attacks, this manuscript proposes the implementation of an intelligent log-based intrusion detection system (IDS) that leverages statistical anomaly detection, real-time log analysis, and mechanisms designed to provide strategic advantages or ameliorate existing conditions. Logs originating from web servers, firewalls, intrusion detection systems, and anomaly detection mechanisms are comprehensively integrated into the overarching system. The implementation of a Security Information and Event Management (SIEM) framework ensures continuous monitoring, automated notifications, and proactive mitigation strategies, which encompass traffic filtering, rate limiting, and the blacklisting of IP addresses. Empirical assessments indicate that the proposed system represents a scalable and dependable methodology for safeguarding contemporary networks, as it enhances detection precision, minimizes false positives, and accelerates the process of threat mitigation.