The Use of Statistical Features for Low-Rate Denial of Service Attack Detection

Abstract

Low-rate Denial of Service (LDoS) attacks can significantly reduce the serving capabilities of networks. These attacks involve sending periodic high-intensity pulse data flows, and their harmful effects are like those of traditional DoS attacks. However, LDoS attacks have different attack modes, which make them particularly challenging to detect. The high level of concealment associated with LDoS attacks makes it extremely difficult for traditional DoS detection methods to identify them. This paper explores the potential of using statistical features for LDoS attack detection. The results demonstrate that statistical features can offer promising performance in detecting these types of attacks. Furthermore, through the application of RFE and SHAP analysis, we find that entropy and L-moment-based features play a crucial role in detection. These findings provide important insights into the use of statistical features for network security, which can help to enhance the overall resilience of networks against various types of attacks. © 2023 IEEE.