Detection DoS Attack on FPGA Using Fuzzy Association Rules

This paper proposes a programmable embedded system based on data mining and fuzzy logic to determine Denial of Service (DoS) attacks in real time. The proposed system detects the DoS attacks to a web service. The system consists of two phases. At the first phase, the number of terminated connection and the number of connection request statistics and so on have been extracted from packet. These obtained features constitute training data. Each record in training data was obtained with 2 sec intervals from network traffic. Then Fuzzy classification rules have been obtained from training data by data mining and fuzzy logic. At the second phase, DoS attacks have been detected using these rules in real time for testing purpose. The proposed system has been tested on Altera Cyclone III EPC3C40F484C7 in the FPGA environment.