Multi-Agent pattern recognition mechanism for detecting distributed denial of service attacks

IET Information Security

Distributed denial of service (DDoS) attacks pose a significant threat to the smooth operations of today's online critical services and applications. Existing mechanisms to detect these attacks have had limited success. With the rapid growth in size and bandwidth of contemporary computer networks, an efficient and effective distributed solution is needed for detecting DDoS attacks. In this study, the authors propose a multiagent pattern recognition mechanism for detecting DDoS attacks in a distributed fashion. Our proposed solution is very effective in detecting such attacks launched against victim servers residing inside a production network which has multiple gateways to the Internet. Using simulation, the authors show that our proposed mechanism achieves a high degree of accuracy in detecting DDoS attacks, with low false alarm rates, using a reasonable number of attack detection agents collaboratively operating in a typical production network. The authors also study the relationship between the number of agents participating in the attack detection process and the false alarm rate of the detection scheme.

Inspec keywords: computer network security; Web services; pattern recognition; network servers; multi-agent systems

Other keywords: multiagent pattern recognition; gateways; production network; computer networks; Internet; false alarm; distributed denial of service attacks; DDoS attack detection; servers; online services

Subjects: Computer networks and techniques; Data security; Expert systems and other AI software and techniques; Distributed systems software

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2009.0255