Self-protected Mobile Agent Approach for Distributed Intrusion Detection System against DDoS Attacks

نویسنده

  • P. Marikkannu
چکیده

With the growing Information Systems and Network technologies, security threats over the systems have also become common. Providing a security mechanism to detect such threats has become an inevitable part of Information Systems. Distributed Denial of Service (DDoS) attack is one of the most common attacks which are done in a co-ordinated manner. Hence, we need a Distributed Intrusion Detection System to detect those attacks. We use mobile agents for the purpose of Intrusion Detection. However, these mobile agents are prone to attacks which may lead to the failure of the IDS as a whole. In this paper, we propose a system for distributed intrusion detection system against DDoS attacks. In our system, we propose two security architectures namely Isolated Trusted Environment SMADIDS and Integrated Trusted Environment SMADIDS based on the mechanism of reference clone to protect the mobile agent from being modified. We also incorporate the functionality of Protocol Analysis Method in combination with the traditional rule based IDS to enhance the Intrusion Detection and to reduce false alarm rate. From the results obtained, it was observed that the system proves to be better in its performance compared to other traditional Intrusion Detection Systems and is found to provide at most security to the Mobile Agents. Keywords-Distributed Intrusion Detection System, Selfprotected mobile agents, DDoS, Reference Clone, Protocol Analysis, Network Security

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks

By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...

متن کامل

An Intrusion Detection System Algorithm for Defending MANET against the DDoS Attacks

Mobile ad hoc network (MANET) is rapidly deployable, self configuring network able to communicate with each other without the aid of any centralized system. There is no need for existing infrastructure base network. In MANET Wireless medium is radio frequencies and nodes are mobile, topology can be very dynamically. Nodes must be able to relay traffic since communicating nodes might be out of r...

متن کامل

Application of Forensic Analysis for Intrusion Detection against DDoS Attacks in Mobile Ad Hoc Networks

This paper addresses a specific approach to resolving the problem of intrusion detection against distributed denial of service (DDoS) attacks in mobile ad hoc networks (MANET). The main function of an intrusion detection system (IDS) is to inspect the network for malicious activities, policy violations and security loopholes integrity, and to generate the appropriate reports. Network forensics ...

متن کامل

A Firegroup Mechanism to Provide Intrusion Detection and Prevention System Against DDos Attack in Collaborative Clustered Networks

Distributed Denial of Service (DDOS) attacks are the major concern for security in the collaborative networks. Although non DDOS attacks are also make the network performances poor, the effect of DDOS attacks is severe. In DDOS attacks, flooding of the particular node as victim and jam it with massive traffic happens and the complete network performance is affected. In this paper, a novel Intru...

متن کامل

Anomaly Detection using Fuzzy Q-learning Algorithm

Wireless networks are increasingly overwhelmed by Distributed Denial of Service (DDoS) attacks by generating flooding packets that exhaust critical computing and communication resources of a victim’s mobile device within a very short period of time. This must be protected. Effective detection of DDoS attacks requires an adaptive learning classifier, with less computational complexity, and an ac...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2010