An Effective Scheme for Countering Distributed Denial of Service Attacks on Mobile Ad-hoc Networks
Journal Title: International Journal of Research in Computer and Communication Technology - Year 2015, Vol 4, Issue 1
Abstract
Mobile ad hoc networks play a key role in the private and public communication, yet their application is being hampered by network attacks. One of the most dangerous attacks that pose a serious threat to the mobile ad hoc network is the distributed denial of service attack. Although many researchers have proposed several schemes for countering these intrusions, yet these attacks have continued to grow in volume and have become more frequent. Thus, this paper focuses on the design and implementation of a multiagent intrusion detection system for countering distributed denial of service attacks on a mobile ad-hoc network. A prototype of the proposed system was implemented using readily available resources. In order to address the major drawbacks in existing Intrusion Detection Systems (IDSs) such as low attack detection accuracy, high false positive alarm and detection delay, a new distributed architecture was designed for a more ample detection of DDoS flooding attacks. New algorithms were introduced for optimal bandwidth establishment, averting Internet Protocol (IP) Spoofing, as well as for detecting and responding to three prevalent forms of DDoS attacks namely: Transport Control Protocol (TCPSYN) flood, User Datagram Protocol (UDP) flood and Internet Control Message Protocol (ICMP) flood attacks. The effectiveness of the multiagent intrusion detection system was validated by simulating the TCPSYN, UDP and ICMP flood attacks into the newly developed system. The performance of the Multiagent Intrusion Detection System was compared with two other agentbased intrusion detection systems namely: Security Agents for Network Traffic Analysis (SANTA) and Multiagent Reinforcement Learning for Intrusion Detection (MARL). The results of the tests revealed that the Multiagent Intrusion Detection System had very high attack detection accuracy of 98.9%, 98% and 97% for TCPSYN, UDP and ICMP flood attacks respectively. While SANTA had the lowest detection accuracy of 78%, 75% and 70% for TCPSYN, UDP and ICMP flood attacks in turn. The false alarm ratio and the detection delays of the multiagent intrusion detection system were equally found to be particularly low when compared to those of the other two systems.
Authors and Affiliations
Vivian Ogochukwu Nwaocha, Hy C Inyiama
Keywords
Related Articles
- EP ID EP28138
- DOI -
- Views 239
- Downloads 1
An Approach to Percolate Surplus Information Significances from OSN User Walls
As of Recent Years, Online Social Networks have transformed into a vital bit of step by step life for a few. One crucial issue in today user wall(s) is to give users the ability to control the messages posted in solitud...
Scalable Technique to Answer Continuous Aggregation Queries Using Network Of Aggregators Of Dyanmic Data Items
Continuous aggregation queries are used to monitor the changes in data with time varying for online decision making. For continuous queries, a low-cost and scalable technique using a network of aggregators. Individua...
Identifying Misuse of Data In Cloud
Cloud Storage Enables Users To Store Their Data Offering strong data protection to cloud users while enabling rich applications is a challenging task. We explore a new cloud platform architecture called Data Protecti...
A novel Cut Detection Technique in WSN
If some of the nodes fails in wireless sensor network it can get separated into multiple connected components which is called as “cut”. This paper concentrates on the problem of detecting cuts by the help remaining n...
A Case study on Run time Load Balancing of Virtual Machines in Cloud Environment
In these days many people using clouds for all their needs, because of robust features and security provided by the cloud computing. Cloud computing must satisfy all the needs of users who scale the resource usage in...