Distributed Management Architecture for Cooperative Detection and Reaction to DDoS Attacks

Koutepas, Georgios; Stamatelopoulos, F.; Maglaris, Vasilis

doi:10.1023/b:jons.0000015699.50210.e3

Cited by 26 publications

(17 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The existing wireless network routing protocols are not able to find the routes lengthy than two or more hops if there is no mechanism for defending wormhole attacks which disrupts communication severely. [11,15,19]. Wormhole helps in the networking services as it offers a lengthy network link to the link layer and up which is useful for the attacker to use that link.…”

Section: Threats To Wireless Lanmentioning

confidence: 99%

DISTRIBUTED AGENT BASED TECHNIQUE FOR DETECTING DISTRIBUTED DENIAL-OF-SERVICE (DDoS) ATTACKS IN WLAN

Singh¹,

Dhir²

2018

ijarcs

View full text Add to dashboard Cite

Abstract:By sending large amount of data flows from multiple sites, Distributed Denial-of-Service (DDoS) attacks target the victims. Thus, there is a demand to implement number of DDoS defense techniques all together and collaboratively on many nodes, especially on where there is a need to maintain round-the-clock Internet connectivity. The security mechanism works on a probabilistic basis that is based on the detection of illegitimate traffic and then to discard it, that forced a specific number of legitimate packets to be fallout in the process and reducing the overall quality of service. In this paper a Distributed Agent Based technique for detecting DDoS Attacks in wireless LAN has been proposed. It is fully distributed and provides an early warning when pre-attack activities are detected, using trust mechanisms. From the simulation results it has been found that the proposed distributed agent based architecture achieves high throughput with low packet drop, by detecting and isolating the attack traffic flows.

show abstract

Section: Threats To Wireless Lanmentioning

confidence: 99%

DISTRIBUTED AGENT BASED TECHNIQUE FOR DETECTING DISTRIBUTED DENIAL-OF-SERVICE (DDoS) ATTACKS IN WLAN

Singh¹,

Dhir²

2018

ijarcs

View full text Add to dashboard Cite

show abstract

“…Based on whether to take into account the relationship between traffic, multinodes detection can be further differentiated between distributed detection and network-wide detection. Distributed detection [3][4][5][6][7][8][9][10] is to select some nodes in the network to construct subdetection networks. First, each node deploys simple and fast local detection by selfcollected information; second, exchange detecting results of each node through a certain communication mechanism; then, synthesize the results of partial or all nodes to determine whether anomaly occurs.…”

Section: Related Workmentioning

confidence: 99%

Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis

Yao

et al. 2008

EURASIP J. Adv. Signal Process.

View full text Add to dashboard Cite

Distributed network traffic anomaly refers to a traffic abnormal behavior involving many links of a network and caused by the same source (e.g., DDoS attack, worm propagation). The anomaly transiting in a single link might be unnoticeable and hard to detect, while the anomalous aggregation from many links can be prevailing, and does more harm to the networks. Aiming at the similar features of distributed traffic anomaly on many links, this paper proposes a network-wide detection method by performing anomalous correlation analysis of traffic signals' instantaneous parameters. In our method, traffic signals' instantaneous parameters are firstly computed, and their network-wide anomalous space is then extracted via traffic prediction. Finally, an anomaly is detected by a global correlation coefficient of anomalous space. Our evaluation using Abilene traffic traces demonstrates the excellent performance of this approach for distributed traffic anomaly detection.

show abstract

“…propose a cooperative intrusion detection framework [1,2,3], focused on countering DDoS. This platform enables cooperate entities through the network.…”

Section: Related Workmentioning

confidence: 99%

A New Distributed IDS Based on CVSS Framework

Aussibal¹,

Gallon²

2008

2008 IEEE International Conference on Signal Image Technology and Internet Based Systems

View full text Add to dashboard Cite

The objective of this paper is to describe a new distributed Intrusion Detection System (IDS) based on CVSS framework. This new platform uses a wide set of classical IDS and detection entities. This distributed IDS aims to improve the discovery of anomalies by reducing the rate of false positives and false negatives. Entities correlate the different alerts emitted by local probes. The severity of anomalies is evaluated by using a cumulative score of alerts scores.

show abstract

Distributed Management Architecture for Cooperative Detection and Reaction to DDoS Attacks

Cited by 26 publications

References 18 publications

DISTRIBUTED AGENT BASED TECHNIQUE FOR DETECTING DISTRIBUTED DENIAL-OF-SERVICE (DDoS) ATTACKS IN WLAN

DISTRIBUTED AGENT BASED TECHNIQUE FOR DETECTING DISTRIBUTED DENIAL-OF-SERVICE (DDoS) ATTACKS IN WLAN

Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis

A New Distributed IDS Based on CVSS Framework

Contact Info

Product

Resources

About