SIDS: Detecting Scan and DoS Attacks in Large-Scale Computer Networks Through Statistical Packet Analysis
SIDS is an Intrusion Detection System (IDS) tailored for detecting SCAN and DDoS attacks in sizeable computer networks. To do so, SIDS analyzes the statistical properties of the network traffic to understand patterns of normal traffic. The system then uses anomaly detection to identify SCAN and DoS attacks through deviations from the normal profile. The use of statistical features allows for a more scalable solution while still preserving accuracy.