期刊名称:Journal of Theoretical and Applied Information Technology
印刷版ISSN:1992-8645
电子版ISSN:1817-3195
出版年度:2014
卷号:67
期号:2
出版社:Journal of Theoretical and Applied
摘要:Network immune systems have been developed in many ways but differ with the feature set used and suffer with identifying network threats in efficient manner. We propose a multi feature inference model which uses various parameters of network flow. Unlike earlier approaches, the proposed method infers valuable knowledge from the packet flow and packet details to detect DDOS attacks. The proposed method uses, hop count, hop details, payload, Time to live with time variant information�s. The network packets are monitored about their traversal, through which they forwarded towards destination. We consider the botnet attacks, which is supported by dedicated nodes distributed throughout intermediate network. Whenever a new packet received at the network various features are extracted and we compute the probability of genuine value according to the features. The proposed immune system maintains packet trace for each of the packet received at various time domains. At each time window, for each distinct traversal path an probability value is computed using the features extracted from traffic trace. The inferred results are applied do denial the service for the malicious nodes. The result will be inferred using computed probability value to allow or deny the packet into the network.
关键词:Intrusion Detection System; Network Immune System; Botnet; Flow Based Inference Model; Denial of Service Attacks.
