An Effective Scheme for Countering Distributed Denial of Service Attacks on Mobile Ad-hoc Networks
Journal Title: International Journal of Research in Computer and Communication Technology - Year 2015, Vol 4, Issue 1
Abstract
Mobile ad hoc networks play a key role in the private and public communication, yet their application is being hampered by network attacks. One of the most dangerous attacks that pose a serious threat to the mobile ad hoc network is the distributed denial of service attack. Although many researchers have proposed several schemes for countering these intrusions, yet these attacks have continued to grow in volume and have become more frequent. Thus, this paper focuses on the design and implementation of a multiagent intrusion detection system for countering distributed denial of service attacks on a mobile ad-hoc network. A prototype of the proposed system was implemented using readily available resources. In order to address the major drawbacks in existing Intrusion Detection Systems (IDSs) such as low attack detection accuracy, high false positive alarm and detection delay, a new distributed architecture was designed for a more ample detection of DDoS flooding attacks. New algorithms were introduced for optimal bandwidth establishment, averting Internet Protocol (IP) Spoofing, as well as for detecting and responding to three prevalent forms of DDoS attacks namely: Transport Control Protocol (TCPSYN) flood, User Datagram Protocol (UDP) flood and Internet Control Message Protocol (ICMP) flood attacks. The effectiveness of the multiagent intrusion detection system was validated by simulating the TCPSYN, UDP and ICMP flood attacks into the newly developed system. The performance of the Multiagent Intrusion Detection System was compared with two other agentbased intrusion detection systems namely: Security Agents for Network Traffic Analysis (SANTA) and Multiagent Reinforcement Learning for Intrusion Detection (MARL). The results of the tests revealed that the Multiagent Intrusion Detection System had very high attack detection accuracy of 98.9%, 98% and 97% for TCPSYN, UDP and ICMP flood attacks respectively. While SANTA had the lowest detection accuracy of 78%, 75% and 70% for TCPSYN, UDP and ICMP flood attacks in turn. The false alarm ratio and the detection delays of the multiagent intrusion detection system were equally found to be particularly low when compared to those of the other two systems.
Authors and Affiliations
Vivian Ogochukwu Nwaocha, Hy C Inyiama
Keywords
Related Articles
- EP ID EP28138
- DOI -
- Views 232
- Downloads 1
Design of Modulo 2n-1 based on Radix-8 Algorithm for RNS & MAC Applications
A new architecture, namely, Multiplier-and Accumulator (MAC) based Radix-8 Booth Encoded modulo 2n-1 Multiplication Algorithm for high-speed arithmetic logics have been proposed and implemented on Xilinx FPGA device....
A secure indexing method for privacy- preserving keyword search
E-healthcare systems are ever trendier, a large amount of private data for medical principle is occupied, and populace start to appreciate that they would entirely lose organize over their individual information once...
A Survey on Channel Estimation Techniques in OFDM System
Orthogonal Frequency Division Multiplexing (OFDM) breaks the carrier in to sub carriers which are orthogonal to one- another, and hence called as orthogonal frequency division multiplexing. It is an extension of conv...
Recent Trends In 4G Over 3G Technology
The objective of this paper is to evaluate recent trends in Fourth generation (4G) mobile services. Given the success of Third generation (3G) mobile communications systems and services, the third generation mobile n...
Mobile to Mobile data transfer through Human Area Network
Technologies enabling communication between people and devices in close proximity are required for all modern user friendly gadgets. This paper demonstrates a design and implementation of Human Area Network technolog...