A Security Framework for DDoS Detection In MANETs

  • P. Devi
  • A. Kannammal
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 150)


Mobile Ad-hoc Network (MANET) adopts distributed wireless communication without a centralised control. It is more vulnerable to Denial of Service and Distributed Denial of Service attacks due to dynamic topology, limited physical security and decentralized approach. These attacks may collapse the entire communication networks. The detection of such attacks will improve the network security. This paper produces some clarification and a framework based on the Cluster Analysis to identify and to isolate the attacker from the network for detecting DDoS attack. The traffic is involved for XOR Marking to differentiate legitimate and non-legitimate data packets. Thus origin nodes of DDoS attacks are traced and isolated. Preliminary experiments are done with 2000 DARPA Intrusion Detection Scenario Specific Data Set to evaluate our method. The experimental results show that the proposed system is effective and efficient to identify DDoS attack.


DDoS attack DDoS detection Cluster analysis XOR marking Security framework 



This work is supported by All India Council for Technical Education under Career Award for Young Teachers Scheme, with File No.1-51/FD/CA/13/2008-09 Dated 29.01.2009.


  1. 1.
    Cabrera et al (2001) Proactive detection of distributed denial of service attacks using MIB traffic variables—A feasibility study. In: 7th IFIP/IEEE international symposium on integrated network management, Seattle, pp 1–14Google Scholar
  2. 2.
    Park L(2001) On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets. SIGCOMM Comp Commun Rev 31:15–26CrossRefGoogle Scholar
  3. 3.
    Mirkovic J, Reiher P (2005) D-ward: a source-end defense against flooding denial-of-service attacks. IEEE T Depend Secure Comput 2(3):216–232Google Scholar
  4. 4.
    Jeong WL et al (2006) An effective DDoS attack detection and packet filtering scheme. IEICE T Commun E89-B(7):2033–2042Google Scholar
  5. 5.
    Jung J, Krishnamurthy B (2002) Flash crowds and denial of service attacks: characterization and implications for CDNs and websites. In: ACM conference on Computer and Communications Security, pp 30–41Google Scholar
  6. 6.
    Gowadia V et al (2005) PAID: a probabilistic agent-based intrusion detection system. Comput Security 24 (7):529–545Google Scholar
  7. 7.
    Ioannidis J, Bellovin S (2002) Implementing pushback: router-based defense against DDoS attacks. In: Network and distributed system security symposium, NDSS 2002, San Diego, Feb 2002Google Scholar
  8. 8.
    Serwadda A, Phoha V, Rai A (2010) Size based scheduling: a recipe for DDoS. In: 17th ACM conference on computer and communication security, CCS 10, pp 729–731Google Scholar
  9. 9.
    Wu Q, Ferebee D, Lin Y, Dasgupta D (2009) Monitoring security events using integrated correlation based techniques. In: 5th Annual workshop on cyber security and information intelligence research: cyber security and information intelligence challenges and strategies, CSIIRW 09, pp 47:1–47:4Google Scholar
  10. 10.
    Liao Y, Vemuri VR (2001) Use of K-nearest neighbor classifier for intrusion detection. Comput Security 21(7):439–448Google Scholar
  11. 11.
    Gavrilis D, Dermatas E (2005): Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features. Comput Netw 48(2):235–245CrossRefGoogle Scholar
  12. 12.
    Shannon CE, Weaver W (1963) The mathematical theory of communication. University of Illinois Press, ChampaignGoogle Scholar
  13. 13.
    Tariq U, Hong M, Lhee K (2005) PMS an expeditious marking scheme to combat with the DDoS attack. In: 9th International multi-topic conference, IEEE INMIC 2005, pp 1–4Google Scholar

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  1. 1.Department of Computer ApplicationsAnna University of TechnologyCoimbatoreIndia
  2. 2.Department of Computer ApplicationsCoimbatore Institute of TechnologyCoimbatoreIndia

Personalised recommendations