An Effective Scheme for Countering Distributed Denial of Service Attacks on Mobile Ad-hoc Networks
Journal Title: International Journal of Research in Computer and Communication Technology - Year 2015, Vol 4, Issue 1
Abstract
Mobile ad hoc networks play a key role in the private and public communication, yet their application is being hampered by network attacks. One of the most dangerous attacks that pose a serious threat to the mobile ad hoc network is the distributed denial of service attack. Although many researchers have proposed several schemes for countering these intrusions, yet these attacks have continued to grow in volume and have become more frequent. Thus, this paper focuses on the design and implementation of a multiagent intrusion detection system for countering distributed denial of service attacks on a mobile ad-hoc network. A prototype of the proposed system was implemented using readily available resources. In order to address the major drawbacks in existing Intrusion Detection Systems (IDSs) such as low attack detection accuracy, high false positive alarm and detection delay, a new distributed architecture was designed for a more ample detection of DDoS flooding attacks. New algorithms were introduced for optimal bandwidth establishment, averting Internet Protocol (IP) Spoofing, as well as for detecting and responding to three prevalent forms of DDoS attacks namely: Transport Control Protocol (TCPSYN) flood, User Datagram Protocol (UDP) flood and Internet Control Message Protocol (ICMP) flood attacks. The effectiveness of the multiagent intrusion detection system was validated by simulating the TCPSYN, UDP and ICMP flood attacks into the newly developed system. The performance of the Multiagent Intrusion Detection System was compared with two other agentbased intrusion detection systems namely: Security Agents for Network Traffic Analysis (SANTA) and Multiagent Reinforcement Learning for Intrusion Detection (MARL). The results of the tests revealed that the Multiagent Intrusion Detection System had very high attack detection accuracy of 98.9%, 98% and 97% for TCPSYN, UDP and ICMP flood attacks respectively. While SANTA had the lowest detection accuracy of 78%, 75% and 70% for TCPSYN, UDP and ICMP flood attacks in turn. The false alarm ratio and the detection delays of the multiagent intrusion detection system were equally found to be particularly low when compared to those of the other two systems.
Authors and Affiliations
Vivian Ogochukwu Nwaocha, Hy C Inyiama
Keywords
Related Articles
- EP ID EP28138
- DOI -
- Views 264
- Downloads 1
Secure Data Storage And Retrieve From Cloud Networking With Multiple Encrypt System
The proposed work is to characterize cloud structural engineering with designed samba stockpiling what's more cryptographic encryption systems. The cloud structural engineering sent with samba stockpiling uses workin...
An Overview: Peak To Power Average Ratio reduction by Discrete Cosine Transform Selective Mapping
The OFDM is employed in many systems. The main the drawback of the OFDM systems is the high Peak to Power Average Ratio [PAPR].This paper deals with the basic idea of PAPR .The paper also describe in brief the differ...
Comparison of Existing Dictionary Based Data Compression Methods for English and Gujarati Text
Data compression is a common requirement for most of the computerized applications. There are number of data compression algorithms, which are dedicated to compress different data formats. Even for a single data type...
ROUTING THROUGH CROSS LAYER APPROACH FOR WIRELESS MAC LAYER NETWORKS
Wireless mesh networks (WMNs) are dynamically self-organized and self-configured, with the nodes in the network automatically establishing an ad hoc network and maintaining the mesh connectivity. WMNs are comprised o...
Learning Analytics for Large Scale Web Information Using Twitter
Amid sudden onset emergency occasions, the vicinity of spam, bits of gossip and fake substance on Twitter diminishes the estimation of data contained on its messages (or "tweets"). A conceivable answer for this issue is...