Self-Protected Mobile Agent Approach for DistributedIntrusion Detection System against DDoS Attacks

Abstract

With the growing Information Systems and Network technologies, security threats over the systems have also become common. Providing a security mechanism to detect such threats has become an inevitable part of Information Systems. Distributed Denial of Service (DDoS) attack is one of the most common attacks which are done in a co-ordinated manner. Hence, we need a Distributed Intrusion Detection System to detect those attacks. We use mobile agents for the purpose of Intrusion Detection. However, these mobile agents are prone to attacks which may lead to the failure of the IDS as a whole. In this paper, we propose a system for distributed intrusion detection system against DDoS attacks. In our system, we propose two security architectures namely Isolated Trusted Environment SMADIDS and Integrated Trusted Environment SMADIDS based on the mechanism of reference clone to protect the mobile agent from being modified. We also incorporate the functionality of Protocol Analysis Method in combination with the traditional rule based IDS to enhance the Intrusion Detection and to reduce false alarm rate. From the results obtained, it was observed that the system proves to be better in its performance compared to other traditional Intrusion Detection Systems and is found to provide at most security to the Mobile Agents. Keywords-Distributed Intrusion Detection System, Selfprotected mobile agents, DDoS, Reference Clone, Protocol Analysis, Network Security