Intrusion Detection, Forecast and Traceback Against DDoS Attacks
Author
Abstract
Nowadays, DDoS is one of the most troublesome attacks. Attackers often penetrate innocent routers and hosts to make them unwittingly participate in such large-scale attacks, acting as zombies or reflectors. Also, the Internet consists of autonomous network management units. Organizing these units helps in detecting DDoS attacks if several adjacent or nearby network management units collaboratively guard and protect the important neighbors they surround. In this article, we propose an Intrusion Detection, Forecast and Traceback System (IDeFT) based on a united defense environment. First, a detection system that is able to detect two types of attacks, logical and DoS/DDoS, is developed. Logical attacks are recognized by neural networks. DDoS and distributed reflective DoS attacks, and the role a host/router plays in these two types of attacks, are identified by the CUSUM algorithm. A hash-based intrusion tracer is also deployed to trace back to malicious clients. A forecasting model, which acts as a proactive intrusion prevention system, monitors network forwarding traffic to forecast malicious behaviors in advance for its neighbor unit. Network management units with the properties of regional cooperation and autonomy can raise their network security to a higher level.
Similar resources
Performance Analysis of ACO-based IP Traceback
The Internet has experienced a tremendous expansion in its size and complexity since its commercialization. Internet hosts are threatened by large-scale Distributed Denial-of-Service (DDoS) attacks in the network. DDoS attacks typically rely on compromising a large number of hosts to generate traffic to a single destination node. Thus the severity of DDoS attacks will likely increase to the poss...
A Peer-to-Peer Architecture to collaboratively Propagate and Traceback DDoS Attack information using DST
Distributed Denial of Service attacks have become prevalent in the context of the ever-growing Internet. Numerous attacks have taken place in the past and numerous solutions have been suggested. Intrusion detection and filtering are necessary mechanisms to combat these attacks and secure networks. However, the existing detection techniques for DDoS attacks have their entities work in isolati...
A Secure Intrusion Detection System Against Ddos Attack
mod_security (an open source intrusion detection and prevention engine for to the Internet, securing your systems against attackers must be a high priority. An Intrusion Detection System against DDOS for MANETs attacks MANET also contains wireless sensor nodes, these highly secure IDS to detect attacks. 2. knowledge from the packet flow and packet details to detect DDOS attacks.
Programming routers to improve network security
Denial of Service (DoS) attacks represent, in today’s Internet, one of the most complex issues to address. In this paper we present a novel approach to deal with Distributed DoS (DDoS) attacks in the Internet. We propose a model for an Active Security System, comprising a number of components that actively cooperate in order to effectively react to a wide range of attacks. Functional to our a...