COMPUTER JOURNAL, cilt.50, sa.6, ss.717-727, 2007 (SCI-Expanded)
Due to the simplicity of the concept and the availability of attack tools, launching a DoS attack relatively easy, while defending a network resource against it is disproportionately difficult. first step of a protection scheme against DoS must be the detection of its existence, ideally the destructive traffic build-up. In this paper we propose a DoS detection approach which the maximum likelihood criterion with the random neural network (RNN). Our method is on measuring various instantaneous and statistical variables describing the incoming traffic, acquiring a likelihood estimation and fusing the information gathered from the input features using likelihood averaging and different architectures of RNNs. We present compare seven variations of it and evaluate our experimental results obtained in a large testbed.