
Flow-Based Attack Detection and Defense Scheme against DDoS Attacks in Cluster Based Ad Hoc Networks


Affiliations
1 Dept. of RIC, I.K. Gujral Punjab Technical University, Kapurthala, Punjab, India
2 Dept. of CSE, Baba Banda Singh Bahadur Engineering College, Fatehgarh Sahib, Punjab, India
3 Dept. of Computer Application, Guru Nanak Khalsa College, Yamuna Nagar, Haryana, India
 

DDoS attacks in MANETs need to be handled as early as possible so that they do not reach the victim node. They are difficult to detect because of features such as varying attack intensity and the large number of packets, so it becomes necessary to distinguish and filter attack traffic in the source or intermediate clusters. Here, the cluster heads use flow-based monitoring schemes to identify suspicious behaviour in the incoming traffic of each cluster. Each cluster head constructs flows from the incoming traffic and computes the normalized entropy for specific time windows. The normalized entropy is compared against a threshold entropy to identify the presence of suspicious flows. The packet rate of each suspicious flow is then calculated and compared against the packet rate entropy to identify the suspicious flows. The suspicious flow information is then shared with neighbouring cluster heads to further confirm whether a DDoS attack is present. If a DDoS attack is confirmed, the packets related to the suspicious flows are discarded. The efficiency and accuracy of the proposed attack detection algorithm are evaluated using performance metrics.

Keywords

Clustering, Distributed Denial of Service (DDoS) Attacks, Defense, Flow, MANETs.
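
The detection pipeline the abstract outlines can be sketched as follows. This is an added example, not the authors' code: the flow key `(src, dst)`, every threshold value, the choice to flag windows whose entropy falls below the threshold, the use of a plain packet-rate threshold in the second stage, and the neighbour-confirmation rule are assumptions, since the abstract does not specify them.

```python
import math
from collections import Counter, defaultdict

# Assumed values: the abstract names these thresholds but does not give numbers.
WINDOW_S = 1.0             # time window length, seconds
ENTROPY_THRESHOLD = 0.8    # a window below this is examined further (assumed direction)
RATE_THRESHOLD = 20.0      # packets per second for one flow
MIN_NEIGHBOUR_REPORTS = 1  # neighbouring cluster heads that must agree

def normalized_entropy(counts):
    """Shannon entropy of packets-per-flow, divided by log2(number of flows)."""
    if len(counts) < 2:
        return 0.0  # a single flow carries all traffic in the window
    total = sum(counts.values())
    h = -sum(c / total * math.log2(c / total) for c in counts.values())
    return h / math.log2(len(counts))

def suspicious_flows(packets):
    """packets: (timestamp, src, dst) tuples. Returns {window index: set of flows}."""
    windows = defaultdict(Counter)
    for ts, src, dst in packets:
        windows[int(ts // WINDOW_S)][(src, dst)] += 1  # flow = (src, dst), assumed
    flagged = {}
    for w, counts in windows.items():
        if normalized_entropy(counts) >= ENTROPY_THRESHOLD:
            continue  # traffic is spread evenly over the flows
        fast = {f for f, c in counts.items() if c / WINDOW_S > RATE_THRESHOLD}
        if fast:
            flagged[w] = fast
    return flagged

def confirmed_flows(flagged, neighbour_reports):
    """Keep flows that enough neighbouring cluster heads also reported."""
    local = set().union(*flagged.values())
    return {f for f in local
            if sum(f in r for r in neighbour_reports) >= MIN_NEIGHBOUR_REPORTS}

def drop_confirmed(packets, confirmed):
    """Discard packets that belong to confirmed attack flows."""
    return [p for p in packets if (p[1], p[2]) not in confirmed]

def sample_traffic():
    """Constructed traffic toward node 'v': even load, then a flood, then a quiet window."""
    pkts = [(w + i * 0.1, n, "v") for w in (0, 1) for i in range(10)
            for n in ("n1", "n2", "n3", "n4")]
    pkts += [(1 + i / 100, "n9", "v") for i in range(60)]  # flood in window 1
    pkts += [(2 + i * 0.1, "n1", "v") for i in range(5)]   # lone slow flow, window 2
    return pkts
```

In the constructed traffic, window 2 also has low entropy (a single flow), but its packet rate is below the rate threshold, so only the flood in window 1 is flagged.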



Authors

Deepa
Dept. of RIC, I.K. Gujral Punjab Technical University, Kapurthala, Punjab, India
Kanwalvir Singh Dhindsa
Dept. of CSE, Baba Banda Singh Bahadur Engineering College, Fatehgarh Sahib, Punjab, India
Bharat Bhushan
Dept. of Computer Application, Guru Nanak Khalsa College, Yamuna Nagar, Haryana, India
