An Effective Scheme for Countering Distributed Denial of Service Attacks on Mobile Ad-hoc Networks
Journal Title: International Journal of Research in Computer and Communication Technology - Year 2015, Vol 4, Issue 1
Abstract
Mobile ad hoc networks play a key role in the private and public communication, yet their application is being hampered by network attacks. One of the most dangerous attacks that pose a serious threat to the mobile ad hoc network is the distributed denial of service attack. Although many researchers have proposed several schemes for countering these intrusions, yet these attacks have continued to grow in volume and have become more frequent. Thus, this paper focuses on the design and implementation of a multiagent intrusion detection system for countering distributed denial of service attacks on a mobile ad-hoc network. A prototype of the proposed system was implemented using readily available resources. In order to address the major drawbacks in existing Intrusion Detection Systems (IDSs) such as low attack detection accuracy, high false positive alarm and detection delay, a new distributed architecture was designed for a more ample detection of DDoS flooding attacks. New algorithms were introduced for optimal bandwidth establishment, averting Internet Protocol (IP) Spoofing, as well as for detecting and responding to three prevalent forms of DDoS attacks namely: Transport Control Protocol (TCPSYN) flood, User Datagram Protocol (UDP) flood and Internet Control Message Protocol (ICMP) flood attacks. The effectiveness of the multiagent intrusion detection system was validated by simulating the TCPSYN, UDP and ICMP flood attacks into the newly developed system. The performance of the Multiagent Intrusion Detection System was compared with two other agentbased intrusion detection systems namely: Security Agents for Network Traffic Analysis (SANTA) and Multiagent Reinforcement Learning for Intrusion Detection (MARL). The results of the tests revealed that the Multiagent Intrusion Detection System had very high attack detection accuracy of 98.9%, 98% and 97% for TCPSYN, UDP and ICMP flood attacks respectively. While SANTA had the lowest detection accuracy of 78%, 75% and 70% for TCPSYN, UDP and ICMP flood attacks in turn. The false alarm ratio and the detection delays of the multiagent intrusion detection system were equally found to be particularly low when compared to those of the other two systems.
Authors and Affiliations
Vivian Ogochukwu Nwaocha, Hy C Inyiama
Keywords
Related Articles
- EP ID EP28138
- DOI -
- Views 249
- Downloads 1
Securing a Network by Modeling and Containment of Worms Using Preference Scanning
Self-propagating codes, called worms. In this paper, we present an inclination branching process model for characterizing the propagation of Internet worms. Basically user knows the name and the definition of worms, b...
A New Approach On Incremntal Affinity Propagation Clustering Technique Based On Preference
Many of the clustering algorithms were intended for discovering patterns in static data. Nowadays, more and more data e.g., blogs, Web pages, video surveillance, etc., are come into view in dynamic manner, known as d...
Design of a CPW –Fed L slit antenna for X band application
A coplanar waveguide (CPW) fed antenna with L-slit is presented in this paper. Two L-slits are introduced both sides of the patch to reduce the resonant frequency.The antenna has been designed on a FR4 substrate with...
Analysis of Four Stage Encryption
Four Stage Encryption generates the output alphabet from a given input alphabet. The size of the output alphabet depends upon the key K0. Unless this key is known, it is difficult to guess the size of the output alph...
Design Of Ternary Arithmetic Circuits Using QDGFET
This paper presents a novel design of ternary arithmetic circuits like half-adder and multiplier using quantum dot field effect transistors. Due to the change in threshold voltage over the range QDGFETs produce one i...