Detection of UDP and HTTP Anomalies on Real Time Traffic Based on NIDS using OURMON Tool
Keywords:
UDP, DDoS, IDS, HTTP, NIDS
Abstract
UDP traffic has recently been used extensively in flooding-based distributed denial of service (DDoS) attacks, most notably in those launched by the Anonymous group. the use of this criterion to classify UDP traffic with the goal of detecting malicious addresses that launch flooding-based UDP DDoS attacks. We conducted our experiments on real-time network traffic from large corporations (edge and core), ISPs, universities, financial institutions, etc. In addition, we conducted experiments on our own ourmon tool. All the experiments indicate that the proportional packet rate assumption generally holds for benign UDP traffic and can be used as a reasonable criterion to differentiate DDoS and non-DDoS traffic. We designed and implemented a prototype classifier based on this criterion and discuss how it can be used to effectively thwart UDP-based flooding attacks.
License
Copyright (c) IJSRSET
This work is licensed under a Creative Commons Attribution 4.0 International License.