P2P-AIS: A P2P Artificial Immune Systems Architecture for Detecting DDoS Flooding Attacks

摘要

The Human Immune System (HIS) plays an important role in protecting the human body from various intruders ranging from naive germs to the most sophisticated viruses. It acts as an Intrusion Detection and Prevention System (IDPS) for the human body and detects anomalies that make the body deviate from its normal behavior. This inspired researchers to build Artificial Immune Systems (AISes) which imitate the behavior of the HIS and are capable of protecting hosts or networks from attacks. An Artificial Immune System (AIS) is capable of detecting novel attacks because it is trained to differentiate between the normal behavior (self) and the abnormal behavior (non-self) during a tolerization (i.e training) period. Although several AISes have been proposed, only a few make use of collaborative approaches. In this paper we propose P2P-AIS, a P2P approach for AISes in which peers exchange intrusion detection experience in order to enhance attack detection and mitigation. P2P-AIS implements Chord as a distributed hash table (DHT) protocol to organize the peers.