Detection of UDP and HTTP Anomalies on Real Time Traffic Based on NIDS using OURMON Tool

Authors

  • Mahendra Kumar Rai, Shri Ram Institute of Technology (SRIT), Jabalpur, Madhya Pradesh, India
  • Vijay Shankar Mishra, Shri Ram Institute of Technology (SRIT), Jabalpur, Madhya Pradesh, India

Keywords:

UDP, DDoS, IDS, HTTP, NIDS

Abstract

UDP traffic has recently been used extensively in flooding-based distributed denial of service (DDoS) attacks, most notably in those launched by the Anonymous group. the use of this criterion to classify UDP traffic with the goal of detecting malicious addresses that launch flooding-based UDP DDoS attacks. We conducted our experiments on real-time network traffic, including that of large corporations (edge and core), ISPs, universities, financial institutions, etc. In addition, we conducted experiments of our own with the ourmon tool. All the experiments indicate that the proportional packet rate assumption generally holds for benign UDP traffic and can be used as a reasonable criterion to differentiate DDoS from non-DDoS traffic. We designed and implemented a prototype classifier based on this criterion and discuss how it can be used to effectively thwart UDP-based flooding attacks.

Published

2015-08-25

Section

Research Articles

How to Cite

Mahendra Kumar Rai, Vijay Shankar Mishra, "Detection of UDP and HTTP Anomalies on Real Time Traffic Based on NIDS using OURMON Tool," International Journal of Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN: 2395-1990, Online ISSN: 2394-4099, Volume 1, Issue 4, pp. 286-290, July-August 2015.