An integrated intelligent paradigm to detect DDoS attack in mobile ad hoc networks
作者: A. Kannammal , P. Devi
DOI:
关键词:
摘要: Various types of routing attacks and their corresponding countermeasures for mobile ad hoc networks (MANETs) have been identified in the literature study. However problems computational complexity false alarms not yet reduced. In this paper, we proposed a proactive detection mechanism distributed denial service (DDoS) which considers feature extraction, reduction entropy, clustering technique ranking. These techniques are approached by statistical analysis involved XOR marking to classify legitimate malicious data packets. Our system applies methodologies on each packet, finds abnormalities during pre-attack phase itself filters them. Experiments done with 2000 DARPA intrusion scenario specific dataset assess time, ratio alarms, complexity. The experimental results show efficiency DDoS attack larger positive
参考文章(41)
Zakaria Al Qudah, Basheer Al Duwairi, Osama Al Khaleel, DDoS protection as a service: hiding behind the giants computational science and engineering. ,vol. 9, pp. 292- 300 ,(2014) , 10.1504/IJCSE.2014.060711
Randolph Marchany, Jung-Min Park, Ruiliang Chen, TRACK: A Novel Approach for Defending Against Distributed Denial-of-Service Attacks ,(2005)
E Eskin, Andrew Arnold, Michael Prerau, Leonid Portnoy, Sal Stolfo, A GEOMETRIC FRAMEWORK FOR UNSUPERVISED ANOMALY DETECTION: DETECTING INTRUSIONS IN UNLABELED DATA APPLICATIONS OF DATA MINING IN COMPUTER SECURITY. pp. 0- 0 ,(2002) , 10.7916/D8D50TQT
Hans-Peter Kriegel, Martin Ester, Jörg Sander, Xiaowei Xu, A density-based algorithm for discovering clusters in large spatial Databases with Noise knowledge discovery and data mining. pp. 226- 231 ,(1996)
D. Senie, P. Ferguson, Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing RFC 2827-BCP 38. ,vol. 2267, pp. 1- 10 ,(1998)
Hwanjo Yu, Jiong Yang, Jiawei Han, Classifying large data sets using SVMs with hierarchical clusters knowledge discovery and data mining. pp. 306- 315 ,(2003) , 10.1145/956750.956786
S. JEONG, An Effective DDoS Attack Detection and Packet-Filtering Scheme IEICE Transactions on Communications. ,vol. 89, pp. 2033- 2042 ,(2006) , 10.1093/IETCOM/E89-B.7.2033
Usman Tariq, Yasir Malik, Bessam Abdulrazak, ManPyo Hong, Collaborative Peer to Peer Defense Mechanism for DDoS Attacks Procedia Computer Science. ,vol. 5, pp. 157- 164 ,(2011) , 10.1016/J.PROCS.2011.07.022
Pedro Casas, Johan Mazel, Philippe Owezarski, Unsupervised Network Intrusion Detection Systems: Detecting the Unknown without Knowledge Computer Communications. ,vol. 35, pp. 772- 783 ,(2012) , 10.1016/J.COMCOM.2012.01.016
P. Arun Raj Kumar, S. Selvakumar, Distributed denial of service attack detection using an ensemble of neural classifier Computer Communications. ,vol. 34, pp. 1328- 1341 ,(2011) , 10.1016/J.COMCOM.2011.01.012