A Multi-agent System-based Method of Detecting DDoS Attacks

Full Text (PDF, 1044KB), PP.53-64


Author(s)

Xin ZHANG 1, Ying ZHANG 2,*, Raees ALTAF 1, Xin FENG 1

1. School of Computer Science and Technology, Changchun University of Science and Technology

2. School of Control and Computer Engineering, North China Electric Power University

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2018.02.07

Received: 13 Dec. 2017 / Revised: 27 Dec. 2017 / Accepted: 7 Jan. 2018 / Published: 8 Feb. 2018

Index Terms

Bayesian classifier, DDoS attack detection, Agent technology

Abstract

Distributed denial of service (DDoS) attacks aim to exhaust the limited service resources of a target host, causing valid user service requests to be rejected. During a DDoS attack, the target host is attacked by multiple, coordinated attack programs, often with disastrous results. The effective detection, identification, treatment, and prevention of DDoS attacks are therefore of great significance. Based on research into DDoS attack principles, features and methods, combined with the possible scenarios of DDoS attacks, this paper proposes a Multi-Agent System-based DDoS attack detection method for high-load communication scenarios. We take the multi-layer communication protocols into consideration when categorizing and analyzing DDoS attacks. For high-load communication scenarios in particular, we explore a possible detection method that employs a target-driven multi-agent modeling methodology and relies on the inherent characteristics of DDoS attacks. Experimental verification shows that the proposed DDoS attack detection method achieves better detection performance and is less dependent on the data unit granularity. The method can also effectively detect the target attacks after sample training. The agent-based detection scheme performs its pre-set behaviors reasonably and has good scalability, meeting the further requirements of designing and implementing the prototype software.

Cite This Paper

Xin ZHANG, Ying ZHANG, Raees ALTAF, Xin FENG, "A Multi-agent System-based Method of Detecting DDoS Attacks", International Journal of Computer Network and Information Security (IJCNIS), Vol.10, No.2, pp.53-64, 2018. DOI: 10.5815/ijcnis.2018.02.07
