Flow-based Attack Detection and Defense Scheme against DDoS Attacks in Cluster based Ad Hoc Networks

Flow-based Attack Detection and Defense Scheme against DDoS Attacks in Cluster based Ad Hoc Networks

DDoS attacks in MANETs needs to be handled as early as possible so as to avoid them to reach the victim node. DDoS attacks are difficult to detect due to their features like varying attack intensity, large amount of packets etc. so it becomes necessary to distinguish and filter attack traffic in sou...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:International journal of advanced networking and applications 2019, Vol.10 (4), p.3905-3910
Hauptverfasser: Deepa, Dhindsa, Dr. Kanwalvir Singh, Bhushan, Dr. Bharat
Format: Artikel
Sprache:eng
Schlagworte:
Access control
Ad hoc networks
Algorithms
Architectural engineering
Clusters
Computer engineering
Computer science
Cybersecurity
Defense mechanisms
Denial of service attacks
Entropy
Information technology
International conferences
Mobile communication systems
Network security
Performance measurement
Security management
Traffic congestion
Windows (intervals)
Wireless networks
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:DDoS attacks in MANETs needs to be handled as early as possible so as to avoid them to reach the victim node. DDoS attacks are difficult to detect due to their features like varying attack intensity, large amount of packets etc. so it becomes necessary to distinguish and filter attack traffic in source or intermediate clusters. Here the cluster heads will uses flow based monitoring schemes to identify the suspicious behaviours of incoming traffic in each clusters. Cluster head constructs flows from the incoming traffic and computes normalized entropy for specific time windows. The normalized entropy is compared against threshold entropy to identify the presence of suspicious flows. Later packet rate of suspicious flow is calculated and compared against packet rate entropy to identify the suspicious flows. Later the suspicious flow information is shared with neighbouring cluster heads to further confirm the presence of DDoS attack or not. If DDoS attack is confirmed the packets related to suspicious flows will be discarded. The efficiency and accuracy of proposed attack detection algorithm is evaluated using some performance metrics.
ISSN:0975-0290
0975-0282
DOI:10.35444/IJANA.2019.10041