The complexity, openness, and increasing accessibility of the Internet have all greatly increased the risk of information system security availability. A serious type of network attacks is Denial of Service (DoS), which is performed against an information system to prevent legitimate users from accessing the compromised system for service. This paper concerns detecting DoS attacks using Support Vector Machines (SVMs). The key idea is to train SVMs using already discovered patterns (signatures) that represent DoS attacks. Using a benchmark data from a KDD competition designed by DARPA (U.S. Defense Advanced Research Projects Agency), we demonstrate that highly efficient and accurate classifiers can be constructed by using SVMs to detect DoS attacks. Further, we also perform feature ranking of the DARPA intrusion data to identify the key features that are important to DoS detection.

Key words : Denial of service protocols, support vector machines