
Detection of DDoS Attacks via an Artificial Immune System-Inspired Multiobjective Evolutionary Algorithm

  • Conference paper
Applications of Evolutionary Computation (EvoApplications 2010)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 6025)


Abstract

A Distributed Denial of Service (DDoS) attack is a coordinated attack on the availability of a victim system's services, launched indirectly through many compromised computers. Intrusion detection systems (IDS) are network security tools that process local audit data or monitor network traffic to search for specific patterns or certain deviations from expected behavior. We use an Artificial Immune System (AIS) as an anomaly-based IDS method because of the similarity between the IDS architecture and biological immune systems. We improved on the jREMISA study, a Multiobjective Evolutionary Algorithm-inspired AIS, in order to get better true and false positive rates while detecting DDoS attacks on the MIT DARPA LLDOS 1.0 dataset. We added the method of r-continuous evaluations, changed the Negative Selection and Clonal Selection structure, and redefined the objectives while keeping the general concepts the same. The 100% true positive rate and 0% false positive rate of our approach, under the given parameter settings and experimental conditions, show that it is very successful as an anomaly-based IDS for DDoS attacks.
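The negative-selection idea the abstract builds on, as an added example that is not the authors' code or jREMISA: detectors are kept only if they match no normal ("self") sample, and anything a surviving detector matches is flagged. It assumes "r-continuous" refers to the r-contiguous-bits matching rule common in the AIS literature, replaces the paper's evolutionary detector search with exhaustive enumeration, and uses constructed 8-bit feature encodings and a hypothetical threshold `R = 5`.

```python
from itertools import product

def r_contiguous_match(a: str, b: str, r: int) -> bool:
    """True if a and b agree in at least r contiguous bit positions."""
    run = 0
    for x, y in zip(a, b):
        run = run + 1 if x == y else 0
        if run >= r:
            return True
    return False

def negative_selection(self_set, length, r):
    """Censoring phase: keep every candidate that matches no self string.
    Candidates are enumerated exhaustively here (assumption), not evolved."""
    candidates = ("".join(bits) for bits in product("01", repeat=length))
    return [d for d in candidates
            if not any(r_contiguous_match(d, s, r) for s in self_set)]

def is_anomalous(sample, detectors, r):
    """Monitoring phase: a sample is flagged if any detector matches it."""
    return any(r_contiguous_match(sample, d, r) for d in detectors)

def rates(detectors, normal, attack, r):
    """Return (true positive rate, false positive rate)."""
    tp = sum(is_anomalous(x, detectors, r) for x in attack)
    fp = sum(is_anomalous(x, detectors, r) for x in normal)
    return tp / len(attack), fp / len(normal)

# Constructed sample data: 8-bit encodings of traffic features (not from LLDOS 1.0).
SELF = ["00010010", "00010011", "00110010"]   # normal traffic used for censoring
ATTACK = ["11101101", "11101100"]             # flood-like traffic
UNSEEN_NORMAL = "00010110"                    # normal traffic absent from SELF
R = 5                                         # hypothetical matching threshold
DETECTORS = negative_selection(SELF, 8, R)

if __name__ == "__main__":
    print("detectors kept:", len(DETECTORS))
    print("TPR, FPR on training self:", rates(DETECTORS, SELF, ATTACK, R))
    print("unseen normal flagged:", is_anomalous(UNSEEN_NORMAL, DETECTORS, R))
```

The false positive rate is zero on the self set by construction; the unseen normal sample is still flagged, which is why reported rates hold only for the self set and parameters they were measured with.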



© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Akyazı, U., Uyar, A.Ş. (2010). Detection of DDoS Attacks via an Artificial Immune System-Inspired Multiobjective Evolutionary Algorithm. In: Di Chio, C., et al. Applications of Evolutionary Computation. EvoApplications 2010. Lecture Notes in Computer Science, vol 6025. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12242-2_1


  • DOI: https://doi.org/10.1007/978-3-642-12242-2_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-12241-5

  • Online ISBN: 978-3-642-12242-2

  • eBook Packages: Computer Science, Computer Science (R0)
