@inproceedings{40a59675075c4b59b78750ac13dc871d,
title = "BRAIN: BehavioR Based Adaptive Intrusion Detection in Networks: Using Hardware Performance Counters to Detect DDoS Attacks",
abstract = "Denial-of-Service (DoS) and Distributed Denial-of Service (DDoS) attacks account for one third of all service downtime incidents. Current DoS/DDoS attacks are not only limited to knocking down online services, but they also disguise other malicious attacks such as delivering malware, data-theft, wire fraud and even extortion. Detection of these attacks is predominantly based on the packet data and metrics derived only from packets. This work proposes a host based DDoS detection framework called BRAIN: BehavioR based Adaptive Intrusion detection in Networks. BRAIN leverages already available Hardware Performance Counters in modern processors to model the application behavior using low-level hardware events. BRAIN combines network statistics and modeled application behavior to detect DDoS attacks using machine learning. Our experiments show that BRAIN can detect multiple types of DDoS attacks, including those are undetectable by existing tools with an accuracy of 99.8% and a false alarm rate of 0%.",
keywords = "Apdaptive, Application security, BRAIN, Behavior based, DDoS, HPC, Hardware Performance Couners, Intrusion detection, Machine Leaning, Network Security",
author = "Vinayaka Jyothi and Xueyang Wang and Addepalli, {Sateesh K.} and Ramesh Karri",
note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 29th International Conference on VLSI Design, VLSID 2016 ; Conference date: 04-01-2016 Through 08-01-2016",
year = "2016",
month = mar,
day = "16",
doi = "10.1109/VLSID.2016.115",
language = "English (US)",
series = "Proceedings of the IEEE International Conference on VLSI Design",
publisher = "IEEE Computer Society",
pages = "587--588",
booktitle = "Proceedings - 29th International Conference on VLSI Design, VLSID 2016 - Held concurrently with 15th International Conference on Embedded Systems",
}