A Probabilistic Approach to Detect and Prevent Bandwidth Depletion Attacks

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2016
Authors:
Abhijit Boruah
10.5120/ijca2016911507

Abhijit Boruah. A Probabilistic Approach to Detect and Prevent Bandwidth Depletion Attacks. International Journal of Computer Applications 150(5):42-49, September 2016. BibTeX

@article{10.5120/ijca2016911507,
	author = {Abhijit Boruah},
	title = {A Probabilistic Approach to Detect and Prevent Bandwidth Depletion Attacks},
	journal = {International Journal of Computer Applications},
	issue_date = {September 2016},
	volume = {150},
	number = {5},
	month = {Sep},
	year = {2016},
	issn = {0975-8887},
	pages = {42-49},
	numpages = {8},
	url = {http://www.ijcaonline.org/archives/volume150/number5/26092-2016911507},
	doi = {10.5120/ijca2016911507},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

Capturing the uncertain aspects of the network security domain and analyzing them with an intelligent agent is an important research area in the current world of implementing AI in network security. The term intelligent agent immediately brings to mind a design that can sense its environment and take legitimate decisions by itself based upon the knowledge gathered from that environment. Hence the agent's ability to reason is an important factor governing its ability to act. There are many knowledge representation schemes, which are used in domain-specific situations. One such situation is representing knowledge in uncertain domains. Traditional probabilistic languages lack the expressive power to handle relational domains, whereas classical first-order logic is sufficiently expressive but lacks a coherent uncertainty reasoning capability. An effort was therefore made to combine the expressiveness of first-order logic with the plausible reasoning capability of Bayesian networks in a reasoning scheme called Multi-Entity Bayesian Networks (MEBN) logic. The proposal in this paper tries to detect and prevent a type of bandwidth depletion attack (which falls in the category of DoS attacks) by filtering out the features of the network traffic relevant to these attacks and providing them as input to a MEBN model, which finally decides the fate of the traffic, i.e. whether it is allowed to enter the network or flagged as a probable threat in future and dropped.

Keywords

Probabilistic reasoning, DDoS, Uncertain, MEBN, UnBBayes.