Author Details

Scroll

Refine your search

Collections

Engineering Collection

Co-Authors

Journals

Indian Journal of Science and Technology

Year

2013
2012

Authors

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All

Abdelhaq, Maha

Intrusion Detection System to Detect DDoS Attack in Gnutella Hybrid P2P Network

Abstract Views :667 | PDF Views:234

Authors

Mueen Uddin ¹, Raed Alsaqour ², Maha Abdelhaq ²

Affiliations
1 Faculty of Computing and Technology, Asia Pacific University of Technology & Innovation Bukit Jalil, 57000, Kuala Lumpur, MY
2 School of Computer Science, Faculty of Information Science and Technology University Kebangsaan Malaysia, Bangi, 43600, Selangor, MY

Source

Indian Journal of Science and Technology, Vol 6, No 2 (2013), Pagination: 4045-4057

Abstract

Distributed Denial of Service (DDoS) attacks are an increasing threat to the Internet community. Intrusion Detection Systems (IDSs) have become a key component in ensuring the safety of systems and networks. As networks grow in size and speed, efficient scalable techniques should be available for IDSs. Gnutella is a Peer to-Peer (P2P) networking model that currently provides decentralized file-sharing capabilities to its users but the distinction between server and client is pale. Due to Gnutella’s dependence on a central unit, the program is vulnerable to security breaches. Methods/Statistical analysis: An IDS to detect DDoS attacks by simulating Artificial Immune System (AIS) is herein proposed. The proposed system uses an algorithm based on anomaly and signature-based detection mapped to AIS called “Generation of Detector (Genetic Algorithm)” to detect DDoS attacks. Each time an attack is identified, a new generation is added to the detectors dataset to detect the intrusions. Results: Simulation results show that the proposed method not only has adaptability, scalability, flexibility and variety but also has high accuracy and correctness. Conclusion/Application: The proposed algorithm efficiently reduces the false positives, thus the detection rate of intrusions is increased. Hence, the overall detection rate increases which ultimately increases the functional efficiency of the network to an acceptable level.

Keywords

Arti Icial Immune System, DDos Attack, Gnutella Hybrid P2P Network, Genetic Algorithm, Intrusion Detection System

Full Text

References

A. Okine, Dasgupta D and Nii. (1997). Immunity-based systems: A survey. Paper presented at the Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics.

Abdelhaq M, Hassan R and Ismail M. (2012). A Study on the Vulnerability of AODV Routing Protocol to Resource Consumption Attack. Indian Journal of Science and Technology, 5(11), 3573-3577.

Aickelin U, Bentley P, Cayzer S, Kim J and McLeod J. (2003). Danger Theory: The Link between Artificial Immune Systems and Intrusion Detection Systems. Paper presented at the Proceedings of the 2nd International Conference on Artificial Immune Systems.

Aickelin U and Dasgupta D. (2004). An Immune-Inspired Approach to Anomaly Detection: University of Nottingham, Nottingham.

Aickelin U, Greensmith J and Twycross J. (2004). Immune system approaches to intrusion detection–a review. Paper presented at the Proceeding of the Third International Conference on Artificial Immune Systems. Number 3239 in Lecture Notes in Computer Science.

Alaettinoglu C, Shanker AU, Dussa-Zieger K and Matta I. (1991). Mars (maryland routing simulator)-version 1.0 user’s manual. University of Maryland College Park Technical Report, 91(80), 1-36.

Alder JBR, Doxtater A, Foster J, Kohlenberg T and Rash M. (2004). Snort 2.1Intrusion Detection ( 2nd ed. ed.): Rockland, MA: Syngress (Distributed by O’Reilly and Associates).

Andrade N, Brasileiro F, Cirne W and Mowbray M. (2007). Automatic grid assembly by promoting collaboration in peer-to-peer next term grids. International Journal of Critical Infrastructures, 67(8), 957-966.

Athanasopoulos E, Anagnostakis K and Markatos E. (2006). Misusing unstructured p2p systems to perform dos attacks: The network that never forgets. Paper presented at the Proceedings of the 4th International Conference on Applied Cryptography and Network Security (ACNS’06).

Basagni S, Conti M, Giordano S and Stojmenović I. (2004). Mobile ad hoc networking: Wiley-IEEE Press.

Bentley PJ and Kim J. (2001). Towards an artificial immune system for network intrusion detection: An investigation of dynamic clonal selection. Paper presented at the The Congress on Evolutionary Computation (CEC-2001), Seoul, Korea.

Berners-Lee T, Hendler J and Lassila O. (2001). The semantic web: A new form of web content that is meaningful to computers will unleash a revolution of new possibilities Scientific American.

Beverly Yang B and Garcia-Molina H. (2003). Designing a super-peer network. Paper presented at the Proceeding of 19th International Conference on Data Engineering,.

Broch J, Maltz DA, Johnson DB, Hu YC and Jetcheva J. (1998). A performance comparison of multi-hop wireless ad hoc network routing protocols. Paper presented at the Proceedings of the 4th International Conference on Mobile Computing and Networking (ACM MOBICOM’98).

Cannady LJ and Gonzalez J. (2004). A self-adaptive negative selection approach for anomaly detection. Paper presented at the Proceedings of the 2004 Congress of Evolutionary Computation.

Cayzer S and Aickelin U. (2002). Danger theory and its applications to AIS. Paper presented at the Proceeding of the Second Internation Conference on Artificial Immune Systems (ICARIS-02).

Chang RKC. (2002). Defending Against Flooding-Based Distributed Denial-of-Service Attacks: A tutorial. IEEE Communications Magazine, 40(10), 42-51.

Cornelli F, Damiani E, Capitani SD, Paraboschi S and Samarati P. (2002). Implementing a Reputation-Aware Gnutella Servent. Lecture Notes In Computer Science, Springer-Verlag, London, UK, 2376, 321-334.

Creely SJ, McTernan PG, Kusminski CM, Da Silva N, Khanolkar M, Evans M, Harte A and Kumar S. (2007). Lipopolysaccharide activates an innate immune system response in human adipose tissue in obesity and type 2 diabetes. American Journal of Physiology-Endocrinology And Metabolism, 292(3), E740-E747.

Das SR, Castañeda R and Yan J. (2000). Simulation-based performance evaluation of routing protocols for mobile ad hoc networks. Mobile networks and applications, 5(3), 179- 189.

Dasgupta D, Ji Z and Gonzalez F. (2003). Artificial immune system (AIS) research in the last five years. Paper presented at the The 2003 Congress on Evolutionary Computation, 2003. CEC’03. .

de Paula FS, de Castro LN and de Geus PL. (2004). An intrusion detection system using ideas from the immune system. Paper presented at the roceeding of IEEE Congress on Evolutionary Computation (CEC-2004).

Dietrich S, Long N and Dittrich D. (2000). Analyzing distributed denial of service tools: The shaft case. Paper presented at the Proceedings of USENIX (Dec 2000).

Dubendorfer T and Wagner A. (2003). Past and Future Internet Disasters: DDoS attacks: April.

Elson J, Girod L and Estrin D. (2002). Fine-grained network time synchronization using reference broadcasts. ACM SIGOPS Operating Systems Review, 36(SI), 147-163.

. Exploiting the security weaknesses of the gnutella protocol. http://www.cs.ucr.edu/ csyiazti/courses/cs260-2/project/gnutella.pdf.

Forrest S, Perelson AS, Allen L and Cherukuri R. (1994). Self-Nonself Discrimination in a Computer. Paper presented at the Proceeding IEEE Symposium on Research in Security and Privacy, IEEE Computer Society Press.

Foster I, Kesselman C and Tuecke S. (2001). The anatomy of the grid: Enabling scalable virtual organizations. The International Journal of High Performance Computing Applications, 15(3), 200-222.

Foster M and Ripeanu I. (2002). Mapping the Gnutella network. Paper presented at the Proceeding of the 1st International Workshop On Peer-to-Peer Systems, Cambridge, MA.

G.Oikonomou, Reiher P, Robinson M and Mirkovic J. (2006). A framework for a collaborative DDoS defense. Paper presented at the Proceedings of the 2006 annual computer security applications conference.

. Gnutella website. http://www.gnutella.com

Gomes. (2001). Gnutella keeps growing and growing Online. WSJ Interactive Edition, http://www.zdnet.com/zdnn/ stories/news/0,4586,2766234,00.html. May2001. .

Greensmith J and Aickelin U. (2008). The deterministic dendritic cell algorithm. Paper presented at the Proceeding of the 7th International Conference on Artificial Immune Systems (ICARIS).

Greensmith J, Twycross J and Aickelin U. (2006). Dendritic cells for anomaly detection. Paper presented at the Proceeding of the Congress on Evolutionary Computation (CEC).

Hatsuda T and Motozumi Y. (1998). Interference experiments between fixed-satellite and terrestrial radio-relay services. Aerospace and Electronic Systems, IEEE Transactions on, 34(1), 23-32.

Hofmeyr SA and Forrest S. (2000). Architecture for an artificial immune system. Evolutionary computation, 8(4), 443- 473.

Hoven N, Tandra R and Sahai A. (2005). Some fundamental limits on cognitive radio. Wireless Foundations EECS, Univ. of California, Berkeley.

Hwang K, Cai M, Kwok Y-k, Song S, Chen Y and Chen Y. (2006). DHT-based security infrastructure for trusted internet and grid computing. International Journal of Critical Infrastructures, 2(4), 412-433.

Jian G, Da-Xin L and Bin-Ge C. (2004). An induction learning approach for building intrusion detection models using genetic algorithms. Paper presented at the Proceedings of Fifth World Congress on Intelligent Control and Automation WCICA.

Johnson DB, Maltz DA and Broch J. (2001). DSR: The dynamic source routing protocol for multi-hop wireless ad hoc networks. Ad hoc networking, 5, 139-172.

Katz ML and Shapiro C. (1994). Systems Competition and Network Effects. Journal of Economic Perspectives, 8(2), 93-115.

Kim J and Bentley PJ. (2001). Evaluating negative selection in an artificial immune system for network intrusion detection. Paper presented at the Proceedings of GECCO

Kim J and Bentley PJ. (2001). Towards an artificial immune system for network intrusion detection: An investigation of clonal selection with a negative selection operator. Paper presented at the Proceedings of the 2001 Congress on Evolutionary Computation.

Kim RY, Kwak JS and Etemad K. (2009). WiMAX femtocell: requirements, challenges, and solutions. Communications Magazine, IEEE, 47(9), 84-91.

Kruegel C and Toth T. (2003). Using decision trees to improve signature-based intrusion detection. Paper presented at the Recent Advances in Intrusion Detection.

Lee W and Stolfo. SJ. (2000). A framework for constructing features and models for intrusion detection systems. ACM Transactions on Information and System Security (TISSEC), 3(4), 227-261.

Li Xiao, Liu Y and Ni LM. (2005). Improving Unstructured Peer-to-Peer Systems by Adaptive Connection Establishment. IEEE Transactions on Computers, 54(9), 1091-1103.

Lui S, Lang KR and Kwok S. (2002). Participation incentive mechanisms in peer-to-peer subscription systems. Paper presented at the Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS’02).

Marina MK and Das SR. (2001). On-demand multipath distance vector routing in ad hoc networks.

McIlraith SA, Son TC and Zeng H. (2001). Semantic web services. IEEE Intelligent Systems, Special Issue on the Semantic Web, 16(2), 46-53.

Melby NJ. (2005). Comparative Relative Strength in Artificial Immune Systems: System Wellness.

Mills D, Martin J, Burbank J and Kasch W. (2010). Network time protocol version 4: protocol and algorithms specification. Internet Engineering Task Force, Tech. Rep. RFC, 5905.

Mirkovic J, Robinson M and Reiher P. (2003). Alliance formation for DDoS defense.

Oliveira LB, Siqueira IG and Loureiro AAF. (2005). On the performance of ad hoc routing protocols under a peer-topeer application. Journal of Parallel and Distributed Computing, 65(11), 1337-1347.

Panagopoulos AD, Arapoglou PDM and Cottis PG. (2004). Satellite communications at Ku, Ka, and V bands: Propagation impairments and mitigation techniques. Communications Surveys & Tutorials, IEEE, 6(3), 2-14.

Parham P and Janeway CA. (2005). The immune system: Garland Science New York.

Roddy D. (1989). Satellite communications. New Jersey, Englewood Cliffs.

Roussopoulos M, Baker M, Rosenthal D, Guili T, Maniatis P and Mogul J. (2004). 2 P2P or Not 2 P2P? Paper presented at the The 3rd International Workshop on Peer-to-Peer Systems, San Diego, CA, USA.

Srour L, Kayssi A and Chehab A. (2006). Reputation-based algorithm for managing trust in file sharing networks.

Stepney S, Smith R, Timmis J and Tyrrell A. (1974). Towards a conceptual framework for artificial immune systems. Paper presented at the Proceeding of the 3rd International Conference on Artificial Immune Systems (ICARIS), LNCS 3239, 2004: 53-64. 28. teur), 125C.

Uddin M, Khowaja K and Rehman AA. (2010). Dynamic Multi Layer signature based IDS using Mobile Agents. International Journal of Network Security and its Applications, 2(4), 129-141.

Uddin M and Rahman AA. (2011). Reliability of Mobile Ad Hoc Networks through Performance Analysis of TCP Variants over AODV. Journal of Applied Sciences Research, 7(4), 437-446.

Uddin M, Rahman AA, Alarifi A, Talha M, Shah A, Iftikhar M and Zomaya A. (2012). Improving Performance of Mobile Ad hoc Networks using Efficient Tactical on demand Distance Vector (TAODV) Routing Algorithm. International Journal of Innovative Computing, Information and Control (IJICIC), 8(6), 4375-4389.

Wang C, Alqaralleh BA, Zhou BB, Till M and Zomaya AY. (2005). A blast service built on data indexed overlay network. Paper presented at the Proceedings of the First International Conference on e-Science and Grid Computing (ESCIENCE ‘05), IEEE Computer Society, Washington, DC, USA.

A Study on the Vulnerability of AODV Routing Protocol to Resource Consumption Attack

Abstract Views :526 | PDF Views:135

Authors

Maha Abdelhaq ¹, Rosilah Hassan ¹, Mahamod Ismail ²

Affiliations
1 School of Computer Science, Faculty of Information Science and Technology, Universiti Kebangsaan Malaysia, 43600, Bangi, Selangor, MY
2 Department of Electrical, Electronics and Systems Engineering, Faculty of Engineering, Universiti Kebangsaan Malaysia, 43600 UKM Bangi, Selangor, MY

Source

Indian Journal of Science and Technology, Vol 5, No 11 (2012), Pagination: 3573-3577

Abstract

A Mobile Ad Hoc Network (MANET) is one of the up-to-date technologies supporting communication of mobile devices. It consists of an open environment that comprises a set of mobile, decentralized, and self-organized nodes. MANET is harder to be secured than the other types of static networks. There are many types of attacks that could paralyze the life of the mobile nodes in MANET. One of the most dangerous attacks is the Denial of Service attack (DoS), which in turn could be performed through the Resource Consumption Attack (RCA) over Ad-hoc On demand Distance Vector (AODV) routing protocol. This paper analyzes and studies the RCA effecting factors on AODV performance metrics namely throughput and end-to-end delay under varying the number of connections between the source and the destination and number of RCA attackers number.

Keywords

MANET, Resource Consumption Attack, Denial of Service Attack, AODV Routing Protocol

Full Text

References

Agrawal S, Jain S and Sharma S (2011), A Survey of Routing Attacks and Security Measures in Mobile Ad-Hoc Networks. Journal of Computing, Vol.3, No.1, pp.41-48.

Alsaqour R A, Abdelhaq M S and Alsukour O A (2012), Effect of network parameters on neighbor wireless link breaks in GPSR protocol and enhancement using mobility prediction model, EURASIP Journal on Wireless Communications and Networking, 171.

Cayirci E and Rong C (2009), Security in wireless ad hoc and sensor networks: Wiley Online Library.

Deng H, Li W and Agrawal D P (2002), Routing security in wireless ad hoc networks, IEEE Communications Magazine, Vol.40, No.10, pp.70-75.

Gerhards-Padilla E, Aschenbruck N, Martini P, Jahnke M and Tolle J (2007), Detecting black hole attacks in tactical MANETs using topology graphs. Paper presented at the 32nd IEEE Conference on Local Computer Networks, LCN 2007.

Ghazali K W M and Hassan R (2011), Flooding Distributed Denial of Service Attacks-A Review, Journal of Computer Science, Vol.7, No.8, pp.1218-1223.

Giordano S (2002), Mobile ad hoc networks, Handbook of wireless networks and mobile computing, pp.325-346.

Karlof C and Wagner D (2003), Secure routing in wireless sensor networks: Attacks and countermeasures. Ad Hoc Networks, 1(2), 293-315.

Kurosawa S, Nakayama H, Kato N, Jamalipour A and Nemoto Y (2007), Detecting blackhole attack on AODV-based mobile ad hoc networks by dynamic learning method, International Journal of Network Security, Vol.5, No.3, pp.338-346.

Marti S, Giuli TJ, Lai K and Baker M (2000), Mitigating routing misbehavior in mobile ad hoc networks, Paper presented at the International Conference on Mobile Computing and Networking: Proceedings of the 6 th annual international conference on Mobile computing and networking.

Perkins C E and Royer E M. (1999), Ad-hoc on-demand distance vector routing, Paper presented at the Second IEEE Workshop on Mobile Computing Systems and Applications, WMCSA’99.

Scalable Network Technology (SNT). Electronic References. Retrieved Jun. 25, 2012, from http://www.scalablenetworks.com/content.

Taneja S and Kush A (2010), A Survey of routing protocols in mobile ad hoc networks. International Journal of Innovation, Management and Technology, Vol.1, No.3, pp.2010-0248.

Wallenta C, Kim J, Bentley P J and Hailes S (2010), Detecting interest cache poisoning in sensor networks using an artificial immune algorithm, Applied Intelligence, Vol.32, No.1, pp.1-26.

Wang D, Hu M and Zhi H (2008), A survey of secure routing in ad hoc networks. Paper presented at the The Ninth International Conference on Web-Age Information Management, WAIM’08.

Username
Password
Remember me