Refine your search
Collections
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All
Uddin, Mueen
- Intrusion Detection System to Detect DDoS Attack in Gnutella Hybrid P2P Network
Abstract Views :667 |
PDF Views:234
Authors
Affiliations
1 Faculty of Computing and Technology, Asia Pacific University of Technology & Innovation Bukit Jalil, 57000, Kuala Lumpur, MY
2 School of Computer Science, Faculty of Information Science and Technology University Kebangsaan Malaysia, Bangi, 43600, Selangor, MY
1 Faculty of Computing and Technology, Asia Pacific University of Technology & Innovation Bukit Jalil, 57000, Kuala Lumpur, MY
2 School of Computer Science, Faculty of Information Science and Technology University Kebangsaan Malaysia, Bangi, 43600, Selangor, MY
Source
Indian Journal of Science and Technology, Vol 6, No 2 (2013), Pagination: 4045-4057Abstract
Distributed Denial of Service (DDoS) attacks are an increasing threat to the Internet community. Intrusion Detection Systems (IDSs) have become a key component in ensuring the safety of systems and networks. As networks grow in size and speed, efficient scalable techniques should be available for IDSs. Gnutella is a Peer to-Peer (P2P) networking model that currently provides decentralized file-sharing capabilities to its users but the distinction between server and client is pale. Due to Gnutella’s dependence on a central unit, the program is vulnerable to security breaches. Methods/Statistical analysis: An IDS to detect DDoS attacks by simulating Artificial Immune System (AIS) is herein proposed. The proposed system uses an algorithm based on anomaly and signature-based detection mapped to AIS called “Generation of Detector (Genetic Algorithm)” to detect DDoS attacks. Each time an attack is identified, a new generation is added to the detectors dataset to detect the intrusions. Results: Simulation results show that the proposed method not only has adaptability, scalability, flexibility and variety but also has high accuracy and correctness. Conclusion/Application: The proposed algorithm efficiently reduces the false positives, thus the detection rate of intrusions is increased. Hence, the overall detection rate increases which ultimately increases the functional efficiency of the network to an acceptable level.Keywords
Arti Icial Immune System, DDos Attack, Gnutella Hybrid P2P Network, Genetic Algorithm, Intrusion Detection SystemFull Text
References
- A. Okine, Dasgupta D and Nii. (1997). Immunity-based systems: A survey. Paper presented at the Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics.
- Abdelhaq M, Hassan R and Ismail M. (2012). A Study on the Vulnerability of AODV Routing Protocol to Resource Consumption Attack. Indian Journal of Science and Technology, 5(11), 3573-3577.
- Aickelin U, Bentley P, Cayzer S, Kim J and McLeod J. (2003). Danger Theory: The Link between Artificial Immune Systems and Intrusion Detection Systems. Paper presented at the Proceedings of the 2nd International Conference on Artificial Immune Systems.
- Aickelin U and Dasgupta D. (2004). An Immune-Inspired Approach to Anomaly Detection: University of Nottingham, Nottingham.
- Aickelin U, Greensmith J and Twycross J. (2004). Immune system approaches to intrusion detection–a review. Paper presented at the Proceeding of the Third International Conference on Artificial Immune Systems. Number 3239 in Lecture Notes in Computer Science.
- Alaettinoglu C, Shanker AU, Dussa-Zieger K and Matta I. (1991). Mars (maryland routing simulator)-version 1.0 user’s manual. University of Maryland College Park Technical Report, 91(80), 1-36.
- Alder JBR, Doxtater A, Foster J, Kohlenberg T and Rash M. (2004). Snort 2.1Intrusion Detection ( 2nd ed. ed.): Rockland, MA: Syngress (Distributed by O’Reilly and Associates).
- Andrade N, Brasileiro F, Cirne W and Mowbray M. (2007). Automatic grid assembly by promoting collaboration in peer-to-peer next term grids. International Journal of Critical Infrastructures, 67(8), 957-966.
- Athanasopoulos E, Anagnostakis K and Markatos E. (2006). Misusing unstructured p2p systems to perform dos attacks: The network that never forgets. Paper presented at the Proceedings of the 4th International Conference on Applied Cryptography and Network Security (ACNS’06).
- Basagni S, Conti M, Giordano S and Stojmenović I. (2004). Mobile ad hoc networking: Wiley-IEEE Press.
- Bentley PJ and Kim J. (2001). Towards an artificial immune system for network intrusion detection: An investigation of dynamic clonal selection. Paper presented at the The Congress on Evolutionary Computation (CEC-2001), Seoul, Korea.
- Berners-Lee T, Hendler J and Lassila O. (2001). The semantic web: A new form of web content that is meaningful to computers will unleash a revolution of new possibilities Scientific American.
- Beverly Yang B and Garcia-Molina H. (2003). Designing a super-peer network. Paper presented at the Proceeding of 19th International Conference on Data Engineering,.
- Broch J, Maltz DA, Johnson DB, Hu YC and Jetcheva J. (1998). A performance comparison of multi-hop wireless ad hoc network routing protocols. Paper presented at the Proceedings of the 4th International Conference on Mobile Computing and Networking (ACM MOBICOM’98).
- Cannady LJ and Gonzalez J. (2004). A self-adaptive negative selection approach for anomaly detection. Paper presented at the Proceedings of the 2004 Congress of Evolutionary Computation.
- Cayzer S and Aickelin U. (2002). Danger theory and its applications to AIS. Paper presented at the Proceeding of the Second Internation Conference on Artificial Immune Systems (ICARIS-02).
- Chang RKC. (2002). Defending Against Flooding-Based Distributed Denial-of-Service Attacks: A tutorial. IEEE Communications Magazine, 40(10), 42-51.
- Cornelli F, Damiani E, Capitani SD, Paraboschi S and Samarati P. (2002). Implementing a Reputation-Aware Gnutella Servent. Lecture Notes In Computer Science, Springer-Verlag, London, UK, 2376, 321-334.
- Creely SJ, McTernan PG, Kusminski CM, Da Silva N, Khanolkar M, Evans M, Harte A and Kumar S. (2007). Lipopolysaccharide activates an innate immune system response in human adipose tissue in obesity and type 2 diabetes. American Journal of Physiology-Endocrinology And Metabolism, 292(3), E740-E747.
- Das SR, Castañeda R and Yan J. (2000). Simulation-based performance evaluation of routing protocols for mobile ad hoc networks. Mobile networks and applications, 5(3), 179- 189.
- Dasgupta D, Ji Z and Gonzalez F. (2003). Artificial immune system (AIS) research in the last five years. Paper presented at the The 2003 Congress on Evolutionary Computation, 2003. CEC’03. .
- de Paula FS, de Castro LN and de Geus PL. (2004). An intrusion detection system using ideas from the immune system. Paper presented at the roceeding of IEEE Congress on Evolutionary Computation (CEC-2004).
- Dietrich S, Long N and Dittrich D. (2000). Analyzing distributed denial of service tools: The shaft case. Paper presented at the Proceedings of USENIX (Dec 2000).
- Dubendorfer T and Wagner A. (2003). Past and Future Internet Disasters: DDoS attacks: April.
- Elson J, Girod L and Estrin D. (2002). Fine-grained network time synchronization using reference broadcasts. ACM SIGOPS Operating Systems Review, 36(SI), 147-163.
- . Exploiting the security weaknesses of the gnutella protocol. http://www.cs.ucr.edu/ csyiazti/courses/cs260-2/project/gnutella.pdf.
- Forrest S, Perelson AS, Allen L and Cherukuri R. (1994). Self-Nonself Discrimination in a Computer. Paper presented at the Proceeding IEEE Symposium on Research in Security and Privacy, IEEE Computer Society Press.
- Foster I, Kesselman C and Tuecke S. (2001). The anatomy of the grid: Enabling scalable virtual organizations. The International Journal of High Performance Computing Applications, 15(3), 200-222.
- Foster M and Ripeanu I. (2002). Mapping the Gnutella network. Paper presented at the Proceeding of the 1st International Workshop On Peer-to-Peer Systems, Cambridge, MA.
- G.Oikonomou, Reiher P, Robinson M and Mirkovic J. (2006). A framework for a collaborative DDoS defense. Paper presented at the Proceedings of the 2006 annual computer security applications conference.
- . Gnutella website. http://www.gnutella.com
- Gomes. (2001). Gnutella keeps growing and growing Online. WSJ Interactive Edition, http://www.zdnet.com/zdnn/ stories/news/0,4586,2766234,00.html. May2001. .
- Greensmith J and Aickelin U. (2008). The deterministic dendritic cell algorithm. Paper presented at the Proceeding of the 7th International Conference on Artificial Immune Systems (ICARIS).
- Greensmith J, Twycross J and Aickelin U. (2006). Dendritic cells for anomaly detection. Paper presented at the Proceeding of the Congress on Evolutionary Computation (CEC).
- Hatsuda T and Motozumi Y. (1998). Interference experiments between fixed-satellite and terrestrial radio-relay services. Aerospace and Electronic Systems, IEEE Transactions on, 34(1), 23-32.
- Hofmeyr SA and Forrest S. (2000). Architecture for an artificial immune system. Evolutionary computation, 8(4), 443- 473.
- Hoven N, Tandra R and Sahai A. (2005). Some fundamental limits on cognitive radio. Wireless Foundations EECS, Univ. of California, Berkeley.
- Hwang K, Cai M, Kwok Y-k, Song S, Chen Y and Chen Y. (2006). DHT-based security infrastructure for trusted internet and grid computing. International Journal of Critical Infrastructures, 2(4), 412-433.
- Jian G, Da-Xin L and Bin-Ge C. (2004). An induction learning approach for building intrusion detection models using genetic algorithms. Paper presented at the Proceedings of Fifth World Congress on Intelligent Control and Automation WCICA.
- Johnson DB, Maltz DA and Broch J. (2001). DSR: The dynamic source routing protocol for multi-hop wireless ad hoc networks. Ad hoc networking, 5, 139-172.
- Katz ML and Shapiro C. (1994). Systems Competition and Network Effects. Journal of Economic Perspectives, 8(2), 93-115.
- Kim J and Bentley PJ. (2001). Evaluating negative selection in an artificial immune system for network intrusion detection. Paper presented at the Proceedings of GECCO
- Kim J and Bentley PJ. (2001). Towards an artificial immune system for network intrusion detection: An investigation of clonal selection with a negative selection operator. Paper presented at the Proceedings of the 2001 Congress on Evolutionary Computation.
- Kim RY, Kwak JS and Etemad K. (2009). WiMAX femtocell: requirements, challenges, and solutions. Communications Magazine, IEEE, 47(9), 84-91.
- Kruegel C and Toth T. (2003). Using decision trees to improve signature-based intrusion detection. Paper presented at the Recent Advances in Intrusion Detection.
- Lee W and Stolfo. SJ. (2000). A framework for constructing features and models for intrusion detection systems. ACM Transactions on Information and System Security (TISSEC), 3(4), 227-261.
- Li Xiao, Liu Y and Ni LM. (2005). Improving Unstructured Peer-to-Peer Systems by Adaptive Connection Establishment. IEEE Transactions on Computers, 54(9), 1091-1103.
- Lui S, Lang KR and Kwok S. (2002). Participation incentive mechanisms in peer-to-peer subscription systems. Paper presented at the Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS’02).
- Marina MK and Das SR. (2001). On-demand multipath distance vector routing in ad hoc networks.
- McIlraith SA, Son TC and Zeng H. (2001). Semantic web services. IEEE Intelligent Systems, Special Issue on the Semantic Web, 16(2), 46-53.
- Melby NJ. (2005). Comparative Relative Strength in Artificial Immune Systems: System Wellness.
- Mills D, Martin J, Burbank J and Kasch W. (2010). Network time protocol version 4: protocol and algorithms specification. Internet Engineering Task Force, Tech. Rep. RFC, 5905.
- Mirkovic J, Robinson M and Reiher P. (2003). Alliance formation for DDoS defense.
- Oliveira LB, Siqueira IG and Loureiro AAF. (2005). On the performance of ad hoc routing protocols under a peer-topeer application. Journal of Parallel and Distributed Computing, 65(11), 1337-1347.
- Panagopoulos AD, Arapoglou PDM and Cottis PG. (2004). Satellite communications at Ku, Ka, and V bands: Propagation impairments and mitigation techniques. Communications Surveys & Tutorials, IEEE, 6(3), 2-14.
- Parham P and Janeway CA. (2005). The immune system: Garland Science New York.
- Roddy D. (1989). Satellite communications. New Jersey, Englewood Cliffs.
- Roussopoulos M, Baker M, Rosenthal D, Guili T, Maniatis P and Mogul J. (2004). 2 P2P or Not 2 P2P? Paper presented at the The 3rd International Workshop on Peer-to-Peer Systems, San Diego, CA, USA.
- Srour L, Kayssi A and Chehab A. (2006). Reputation-based algorithm for managing trust in file sharing networks.
- Stepney S, Smith R, Timmis J and Tyrrell A. (1974). Towards a conceptual framework for artificial immune systems. Paper presented at the Proceeding of the 3rd International Conference on Artificial Immune Systems (ICARIS), LNCS 3239, 2004: 53-64. 28. teur), 125C.
- Uddin M, Khowaja K and Rehman AA. (2010). Dynamic Multi Layer signature based IDS using Mobile Agents. International Journal of Network Security and its Applications, 2(4), 129-141.
- Uddin M and Rahman AA. (2011). Reliability of Mobile Ad Hoc Networks through Performance Analysis of TCP Variants over AODV. Journal of Applied Sciences Research, 7(4), 437-446.
- Uddin M, Rahman AA, Alarifi A, Talha M, Shah A, Iftikhar M and Zomaya A. (2012). Improving Performance of Mobile Ad hoc Networks using Efficient Tactical on demand Distance Vector (TAODV) Routing Algorithm. International Journal of Innovative Computing, Information and Control (IJICIC), 8(6), 4375-4389.
- Wang C, Alqaralleh BA, Zhou BB, Till M and Zomaya AY. (2005). A blast service built on data indexed overlay network. Paper presented at the Proceedings of the First International Conference on e-Science and Grid Computing (ESCIENCE ‘05), IEEE Computer Society, Washington, DC, USA.
- Mobile Agent based Multi-layer Security Framework for Cloud Data Centers
Abstract Views :137 |
PDF Views:0
Authors
Affiliations
1 Faculty of Computer Systems and Software Engineering, University Malaysia Pahang, MY
2 Department of Information Systems, Faculty of Computing, Universiti Teknologi Malaysia, MY
3 School of Computer Science, Faculty of Information Science and Technology, University Kebangsaan Malaysia, Bangi, 43600, Selangor, MY
4 Kulliah of Information and Communication Technology, International Islamic University Malaysia, MY
5 2Department of Information Systems, Faculty of Computing, Universiti Teknologi Malaysia, MY
1 Faculty of Computer Systems and Software Engineering, University Malaysia Pahang, MY
2 Department of Information Systems, Faculty of Computing, Universiti Teknologi Malaysia, MY
3 School of Computer Science, Faculty of Information Science and Technology, University Kebangsaan Malaysia, Bangi, 43600, Selangor, MY
4 Kulliah of Information and Communication Technology, International Islamic University Malaysia, MY
5 2Department of Information Systems, Faculty of Computing, Universiti Teknologi Malaysia, MY
Source
Indian Journal of Science and Technology, Vol 8, No 12 (2015), Pagination:Abstract
Objectives: This paper proposes a new mobile agent based cloud security framework comprising four different security and authentication layers to establish the trust relationship between two entities before using cloud services. Methods/Analysis: The proposed framework is divided into four layers with each layer performing authentication, verification and integrity at different levels of communication between two entities. An algorithm is used to check and analyze the validity and functionality of each layer. Mobile agents are used as main components for performing different tasks assigned and requested by clients from cloud service providers. Findings: The framework uses authenticated mobile agents from both clients and cloud service provider to perform the tasks on behalf of users to establish trustworthy computing relationship. This makes the whole process transparent and clear according to users and cloud service providers’ perspective. The proposed framework effectively ensures privacy and security of client data and gives control to client over his data using the security agents. Conclusion/Application: The main contribution of this paper is undoubtedly the agreement of trustworthy relationship between two entities to agree on security service level agreements to dynamically configure and add mobile agents on virtual machines handled by task managers in their respective mobile agent platforms.Keywords
Cloud Computing, Cloud Security, Cloud Security Framework, Mobile Agents and Trust RelationshipFull Text