Abstract
Mobile Ad-hoc Network (MANET) adopts distributed wireless communication without a centralised control. It is more vulnerable to Denial of Service and Distributed Denial of Service attacks due to dynamic topology, limited physical security and decentralized approach. These attacks may collapse the entire communication networks. The detection of such attacks will improve the network security. This paper produces some clarification and a framework based on the Cluster Analysis to identify and to isolate the attacker from the network for detecting DDoS attack. The traffic is involved for XOR Marking to differentiate legitimate and non-legitimate data packets. Thus origin nodes of DDoS attacks are traced and isolated. Preliminary experiments are done with 2000 DARPA Intrusion Detection Scenario Specific Data Set to evaluate our method. The experimental results show that the proposed system is effective and efficient to identify DDoS attack.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cabrera et al (2001) Proactive detection of distributed denial of service attacks using MIB traffic variables—A feasibility study. In: 7th IFIP/IEEE international symposium on integrated network management, Seattle, pp 1–14
Park L(2001) On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets. SIGCOMM Comp Commun Rev 31:15–26
Mirkovic J, Reiher P (2005) D-ward: a source-end defense against flooding denial-of-service attacks. IEEE T Depend Secure Comput 2(3):216–232
Jeong WL et al (2006) An effective DDoS attack detection and packet filtering scheme. IEICE T Commun E89-B(7):2033–2042
Jung J, Krishnamurthy B (2002) Flash crowds and denial of service attacks: characterization and implications for CDNs and websites. In: ACM conference on Computer and Communications Security, pp 30–41
Gowadia V et al (2005) PAID: a probabilistic agent-based intrusion detection system. Comput Security 24 (7):529–545
Ioannidis J, Bellovin S (2002) Implementing pushback: router-based defense against DDoS attacks. In: Network and distributed system security symposium, NDSS 2002, San Diego, Feb 2002
Serwadda A, Phoha V, Rai A (2010) Size based scheduling: a recipe for DDoS. In: 17th ACM conference on computer and communication security, CCS 10, pp 729–731
Wu Q, Ferebee D, Lin Y, Dasgupta D (2009) Monitoring security events using integrated correlation based techniques. In: 5th Annual workshop on cyber security and information intelligence research: cyber security and information intelligence challenges and strategies, CSIIRW 09, pp 47:1–47:4
Liao Y, Vemuri VR (2001) Use of K-nearest neighbor classifier for intrusion detection. Comput Security 21(7):439–448
Gavrilis D, Dermatas E (2005): Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features. Comput Netw 48(2):235–245
Shannon CE, Weaver W (1963) The mathematical theory of communication. University of Illinois Press, Champaign
Tariq U, Hong M, Lhee K (2005) PMS an expeditious marking scheme to combat with the DDoS attack. In: 9th International multi-topic conference, IEEE INMIC 2005, pp 1–4
Acknowledgments
This work is supported by All India Council for Technical Education under Career Award for Young Teachers Scheme, with File No.1-51/FD/CA/13/2008-09 Dated 29.01.2009.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer Science+Business Media New York
About this paper
Cite this paper
Devi, P., Kannammal, A. (2013). A Security Framework for DDoS Detection In MANETs. In: Das, V. (eds) Proceedings of the Third International Conference on Trends in Information, Telecommunication and Computing. Lecture Notes in Electrical Engineering, vol 150. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-3363-7_36
Download citation
DOI: https://doi.org/10.1007/978-1-4614-3363-7_36
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-3362-0
Online ISBN: 978-1-4614-3363-7
eBook Packages: EngineeringEngineering (R0)