A Security Framework for DDoS Detection In MANETs
作者: P. Devi , A. Kannammal
DOI: 10.1007/978-1-4614-3363-7_36
关键词: Denial-of-service attack 、 Network packet 、 Network security 、 Computer security 、 Wireless 、 Intrusion detection system 、 Mobile ad hoc network 、 Telecommunications network 、 Physical security 、 Computer network 、 Computer science
摘要: Mobile Ad-hoc Network (MANET) adopts distributed wireless communication without a centralised control. It is more vulnerable to Denial of Service and Distributed attacks due dynamic topology, limited physical security decentralized approach. These may collapse the entire networks. The detection such will improve network security. This paper produces some clarification framework based on Cluster Analysis identify isolate attacker from for detecting DDoS attack. traffic involved XOR Marking differentiate legitimate non-legitimate data packets. Thus origin nodes are traced isolated. Preliminary experiments done with 2000 DARPA Intrusion Detection Scenario Specific Data Set evaluate our method. experimental results show that proposed system effective efficient
springer.com
sci-hub.st 参考文章(14)
Steven Michael Bellovin, John Ioannidis, Implementing Pushback : Router-Based Defense Against DDoS Attacks network and distributed system security symposium. ,(2002) , 10.7916/D8R78MXV
S. JEONG, An Effective DDoS Attack Detection and Packet-Filtering Scheme IEICE Transactions on Communications. ,vol. 89, pp. 2033- 2042 ,(2006) , 10.1093/IETCOM/E89-B.7.2033
Yihua Liao, V.Rao Vemuri, Use of K-Nearest Neighbor classifier for intrusion detection11An earlier version of this paper is to appear in the Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, August 2002 Computers & Security. ,vol. 21, pp. 439- 448 ,(2002) , 10.1016/S0167-4048(02)00514-X
Jaeyeon Jung, Balachander Krishnamurthy, Michael Rabinovich, Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites the web conference. pp. 293- 304 ,(2002) , 10.1145/511446.511485
Abdul Serwadda, Vir V. Phoha, Idris A. Rai, Size-based scheduling: a recipe for DDOS? computer and communications security. pp. 729- 731 ,(2010) , 10.1145/1866307.1866412
Dimitris Gavrilis, Evangelos Dermatas, Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features Computer Networks. ,vol. 48, pp. 235- 245 ,(2005) , 10.1016/J.COMNET.2004.08.014
Claude E. Shannon, Warren Weaver, Norbert Wiener, The Mathematical Theory of Communication Physics Today. ,vol. 3, pp. 31- 32 ,(1950) , 10.1063/1.3067010
Qishi Wu, Denise Ferebee, Yunyue Lin, Dipankar Dasgupta, Monitoring security events using integrated correlation-based techniques Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research Cyber Security and Information Intelligence Challenges and Strategies - CSIIRW '09. pp. 47- ,(2009) , 10.1145/1558607.1558661
J. Mirkovic, P. Reiher, D-WARD: a source-end defense against flooding denial-of-service attacks IEEE Transactions on Dependable and Secure Computing. ,vol. 2, pp. 216- 232 ,(2005) , 10.1109/TDSC.2005.35
J.B.D. Cabrera, L. Lewis, Xinzhou Qin, Wenke Lee, R.K. Prasanth, B. Ravichandran, R.K. Mehra, Proactive detection of distributed denial of service attacks using MIB traffic variables-a feasibility study integrated network management. pp. 609- 622 ,(2001) , 10.1109/INM.2001.918069