DDoS attack detection in IEEE 802.16 based networks

Abstract Achieving high data rate transmission, WiMAX has acquired noticeable attention by communication industry. One of the vulnerabilities of the WiMAX network which leads to DDoS attack is sending a high volume of ranging request messages to base station (BS) in the initial network entry process. In the initial network entry process, BS and subscriber station (SS) exchange management messages. Since some of these messages are not authenticated, malicious SSs can attack the network by exploiting this vulnerability which may increase the traffic load of the BS and prevent it from serving the SSs. So, detecting such attacks is one of the most important issues in such networks. In this research, an artificial neural network (ANN) based approach is proposed in order to detect DDoS attacks in IEEE 802.16 networks. Although lots of studies have been devoted to the detection of DDoS attack, some of them focus just on some statistical features of the traffic and some other focus on packets’ headers. The proposed approach exploits both qualitative and quantitative methods. It detects the attack by feeding some features of the network traffic under attack to an appropriate ANN structure. To evaluate the method, first a typical attacked network is implemented in OPNet simulator, and then by using the proposed system, the efficiency of the method is evaluated. The results show that by choosing suitable time series we can classify 93 % of normal traffic and 91 % of attack traffic.

[1]  Ki Hoon Kwon,et al.  DDoS attack detection method using cluster analysis , 2008, Expert Syst. Appl..

[2]  Zhu Wang,et al.  A research using hybrid RBF/Elman neural networks for intrusion detection system secure model , 2009, Comput. Phys. Commun..

[3]  Naser Movahhedinia,et al.  An Entropy Based Approach for DDoS Attack Detection in IEEE 802.16 Based Networks , 2011, IWSEC.

[4]  L. Feinstein,et al.  DDoS tolerant networks , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[5]  Ming Li,et al.  Change trend of averaged Hurst parameter of traffic under DDOS flood attacks , 2006, Comput. Secur..

[6]  Daniel S. Yeung,et al.  A covariance analysis model for DDoS attack detection , 2004, 2004 IEEE International Conference on Communications (IEEE Cat. No.04CH37577).

[7]  Robert K. Cunningham,et al.  Improving Intrusion Detection Performance using Keyword Selection and Neural Networks , 2000, Recent Advances in Intrusion Detection.

[8]  Wanlei Zhou,et al.  Entropy-Based Collaborative Detection of DDOS Attacks on Community Networks , 2008, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom).

[9]  Ning Zhang,et al.  Analysis of mobile WiMAX security: Vulnerabilities and solutions , 2008, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[10]  Taeshik Shon,et al.  An Analysis of Mobile WiMAX Security: Vulnerabilities and Solutions , 2007, NBiS.

[11]  D. Devaraj,et al.  Network Intrusion Detection using Hybrid Neural Networks , 2007, 2007 International Conference on Signal Processing, Communications and Networking.

[12]  Rasool Jalili,et al.  Detection of Distributed Denial of Service Attacks Using Statistical Pre-processor and Unsupervised Neural Networks , 2005, ISPEC.

[13]  Vyas Sekar,et al.  An empirical evaluation of entropy-based traffic anomaly detection , 2008, IMC '08.

[14]  Saewoong Bahk,et al.  Shared Authentication Information for Preventing DDoS attacks in Mobile WiMAX Networks , 2008, 2008 5th IEEE Consumer Communications and Networking Conference.

[15]  James Cannady Applying CMAC-based online learning to intrusion detection , 2000, Proceedings of the IEEE-INNS-ENNS International Joint Conference on Neural Networks. IJCNN 2000. Neural Computing: New Challenges and Perspectives for the New Millennium.

[16]  Richard R. Brooks,et al.  Wavelet based Denial-of-Service detection , 2006, Comput. Secur..

[17]  Antonio Nucci,et al.  Robust and efficient detection of DDoS attacks for large-scale internet , 2007, Comput. Networks.

[18]  Ming Li,et al.  Detection of Variations of Local Irregularity of Traffic under DDOS Flood Attack , 2008 .

[19]  Michalis Faloutsos,et al.  Long-range dependence ten years of Internet traffic modeling , 2004, IEEE Internet Computing.

[20]  Yoshua Bengio,et al.  Scaling learning algorithms towards AI , 2007 .

[21]  Naser Movahhedinia,et al.  Traffic analysis for WiMAX network under DDoS attack , 2010, 2010 Second Pacific-Asia Conference on Circuits, Communications and System.

[22]  Gaston Lefranc,et al.  Presentation of an Estimator for the Hurst Parameter for a Self-Similar Process Representing the Traffic in IEEE 802.3 Networks , 2009, Int. J. Comput. Commun. Control.

[23]  Dimitris Gavrilis,et al.  Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features , 2005, Comput. Networks.

[24]  Heba Kamal Aslan,et al.  WiMax Security , 2008, 22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008).

[25]  A.N. Zincir-Heywood,et al.  On the capability of an SOM based intrusion detection system , 2003, Proceedings of the International Joint Conference on Neural Networks, 2003..

[26]  R. Hilgers,et al.  Parameter , 2019, Springer Reference Medizin.