A Fuzzy Rule Based Forensic Analysis of DDoS Attack in MANET
Authors
Abstract
A Mobile Ad Hoc Network (MANET) is a mobile, distributed wireless network. In a MANET each node is self-capable and supports routing functionality in an ad hoc scenario, forwarding data or exchanging topology information over wireless communications. These characteristics give the network better scalability, but this advantage also opens scope for security compromise. One of the easiest ways to compromise security is a denial of service (DoS) attack, which may paralyze a node or the entire network; when coordinated by a group of attackers it is considered a distributed denial of service (DDoS) attack. A typical DoS attack floods an excessive volume of traffic to deplete key resources of the target network. In a MANET, flooding can be done at the routing level. The ad hoc nature of a MANET calls for dynamic route management. Among the flat ad hoc routing categories is the reactive protocols subcategory, one of whose most prominent members is dynamic source routing (DSR), which works well for smaller numbers of nodes and low-mobility situations. DSR allows on-demand route discovery, for which nodes broadcast a route request (RREQ) message. Intelligently flooding RREQ messages, thereby causing a DoS or DDoS attack that paralyzes the targeted network for a small duration of time, is not very difficult to launch and has the potential to cause loss to the network. Once an attack on the target system is successful enough to crash or disrupt the MANET for some period of time, this breach triggers an investigation. Investigating and forensically analyzing the attack scenario provides a source of digital proof against the attacker. In this paper, the parameters for RREQ flooding are identified; on the basis of these parameters, fuzzy-logic-based rules are deduced and described for both DoS and DDoS. We implemented a fuzzy forensic tool to determine RREQ flooding attacks of the DoS and DDoS forms. Various experiments and results for this implementation are elaborated in this paper.
Keywords—DoS and DDoS attack; DSR; Fuzzy logic; MANET; Network forensic analysis.
Similar resources
Application of Forensic Analysis for Intrusion Detection against DDoS Attacks in Mobile Ad Hoc Networks
This paper addresses a specific approach to resolving the problem of intrusion detection against distributed denial of service (DDoS) attacks in mobile ad hoc networks (MANET). The main function of an intrusion detection system (IDS) is to inspect the network for malicious activities, policy violations and security loopholes integrity, and to generate the appropriate reports. Network forensics ...
F-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories: volumetric attacks, protocol attacks and application attacks. The volumetric attack, which the pro...
Performance Analysis of AODV and TORA under DDoS Attack in MANETs
Wireless networks are gaining popularity day by day, as users want wireless connectivity irrespective of their geographic position. There is an increasing threat of malicious node attacks on Mobile Ad-hoc Networks (MANET). The distributed denial of service attack is one of the security threats used to make network resources unavailable. The distributed denial of service (DDoS) a...
A Coding-Based Incremental Traceback Scheme against DDoS Attacks in MANET
Due to constrained resources, the DDoS attack is one of the biggest threats to MANET. The IP traceback technique is useful for defending against this type of attack, since it can identify the attack sources. Several types of traceback schemes have been proposed for wired networks. Among all the existing schemes, the probabilistic packet marking (PPM) scheme might be the most promising scheme for MANET. Howeve...
The Detection and Orientation Method to DRDoS Attack Based on Fuzzy Association Rules
The DDoS (Distributed Denial of Service) attack is the most extensive danger and the most difficult to defend against. A new kind of DDoS attack named DRDoS (Distributed Reflector Denial of Service) has appeared in recent years, which is more dangerous than the DDoS attack because it is more strongly disguised. In this paper, the principle of the DRDoS attack is studied and the network traffic is analyzed by fuzzy associat...