Abstract
A Distributed Denial of Service (DDoS) attack is a coordinated attack on the availability of a victim system's services, launched indirectly through many compromised computers. Intrusion detection systems (IDS) are network security tools that process local audit data or monitor network traffic to search for specific patterns or for deviations from expected behavior. We use an Artificial Immune System (AIS) as an anomaly-based IDS method because of the similarity between the IDS architecture and biological immune systems. We improved on the jREMISA study, a Multiobjective Evolutionary Algorithm-inspired AIS, to obtain better true and false positive rates when detecting DDoS attacks on the MIT DARPA LLDOS 1.0 dataset. We added the method of r-continuous evaluations, changed the Negative Selection and Clonal Selection structure, and redefined the objectives while keeping the general concepts the same. The 100% true positive rate and 0% false positive rate of our approach, under the given parameter settings and experimental conditions, show that it is very successful as an anomaly-based IDS for DDoS attacks.
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Akyazı, U., Uyar, A.Ş. (2010). Detection of DDoS Attacks via an Artificial Immune System-Inspired Multiobjective Evolutionary Algorithm. In: Di Chio, C., et al. Applications of Evolutionary Computation. EvoApplications 2010. Lecture Notes in Computer Science, vol 6025. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12242-2_1
DOI: https://doi.org/10.1007/978-3-642-12242-2_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12241-5
Online ISBN: 978-3-642-12242-2
eBook Packages: Computer Science, Computer Science (R0)