Article: An integrated intelligent paradigm to detect DDoS attack in mobile ad hoc networks Journal: International Journal of Embedded Systems (IJES) 2016 Vol.8 No.1 pp.69 - 77 Abstract: Various types of routing attacks and their corresponding countermeasures for mobile ad hoc networks (MANETs) have been identified in the literature study. However problems of computational complexity and false alarms have not yet been reduced. In this paper, we have proposed a proactive detection mechanism for distributed denial of service (DDoS) which considers feature extraction, reduction of entropy, clustering technique and feature ranking. These techniques are approached by statistical analysis and involved for XOR marking to classify legitimate and malicious data packets. Our system applies detection methodologies on each packet, finds abnormalities during the pre-attack phase itself and filters them. Experiments are done with the 2000 DARPA intrusion detection scenario specific dataset to assess detection time, ratio of false alarms, and complexity. The experimental results show the efficiency of proposed system in detection of DDoS attack with larger reduction of false positive and computational complexity. Inderscience Publishers - linking academia, business and industry through research

Title: An integrated intelligent paradigm to detect DDoS attack in mobile ad hoc networks

Authors: P. Devi; A. Kannammal

Addresses: Department of Computer Applications, Coimbatore Institute of Technology, Avinashi Road, Coimbatore, 641014 Tamil Nadu, India ' Department of Computer Applications, Coimbatore Institute of Technology, Avinashi Road, Coimbatore, 641014 Tamil Nadu, India

Abstract: Various types of routing attacks and their corresponding countermeasures for mobile ad hoc networks (MANETs) have been identified in the literature study. However problems of computational complexity and false alarms have not yet been reduced. In this paper, we have proposed a proactive detection mechanism for distributed denial of service (DDoS) which considers feature extraction, reduction of entropy, clustering technique and feature ranking. These techniques are approached by statistical analysis and involved for XOR marking to classify legitimate and malicious data packets. Our system applies detection methodologies on each packet, finds abnormalities during the pre-attack phase itself and filters them. Experiments are done with the 2000 DARPA intrusion detection scenario specific dataset to assess detection time, ratio of false alarms, and complexity. The experimental results show the efficiency of proposed system in detection of DDoS attack with larger reduction of false positive and computational complexity.

Keywords: mobile ad hoc networks; MANETs; network security; DDoS attacks; DDoS detection; cluster analysis; entropy reduction; statistical analysis; feature extraction; feature ranking; distributed denial of service; clustering; legitimate data packets; malicious data packets; intrusion detection; detection time; false alarms; complexity.

DOI: 10.1504/IJES.2016.073754

International Journal of Embedded Systems, 2016 Vol.8 No.1, pp.69 - 77

Received: 23 Sep 2014
Accepted: 26 Dec 2014
Published online: 17 Dec 2015 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: An integrated intelligent paradigm to detect DDoS attack in mobile ad hoc networks

Keep up-to-date