Intrusion Detection System to Detect DDoS Attack in Gnutella Hybrid P2P Network

摘要

Distributed Denial of Service (DDoS) attacks are an increasing threat to the Internet community. Intrusion Detection Systems (IDSs) have become a key component in ensuring the safety of systems and networks. As networks grow in size and speed, efficient scalable techniques should be available for IDSs. Gnutella is a Peer to-Peer (P2P) networking model that currently provides decentralized file-sharing capabilities to its users but the distinction between server and client is pale. Due to Gnutella’s dependence on a central unit, the program is vulnerable to security breaches. Methods/Statistical analysis: An IDS to detect DDoS attacks by simulating Artificial Immune System (AIS) is herein proposed. The proposed system uses an algorithm based on anomaly and signature-based detection mapped to AIS called “Generation of Detector (Genetic Algorithm)” to detect DDoS attacks. Each time an attack is identified, a new generation is added to the detectors dataset to detect the intrusions. Results: Simulation results show that the proposed method not only has adaptability, scalability, flexibility and variety but also has high accuracy and correctness. Conclusion/Application: The proposed algorithm efficiently reduces the false positives, thus the detection rate of intrusions is increased. Hence, the overall detection rate increases which ultimately increases the functional efficiency of the network to an acceptable level.