Abstract—With the growing Information Systems and Network technologies, security threats over the systems have also become common. Providing a security mechanism to detect such threats has become an inevitable part of Information Systems. Distributed Denial of Service (DDoS) attack is one of the most common attacks which are done in a co-ordinated manner. Hence, we need a Distributed Intrusion Detection System to detect those attacks. We use mobile agents for the purpose of Intrusion Detection. However, these mobile agents are prone to attacks which may lead to the failure of the IDS as a whole. In this paper, we propose a system for distributed intrusion detection system against DDoS attacks. In our system, we propose two security architectures namely Isolated Trusted Environment SMADIDS and Integrated Trusted Environment SMADIDS based on the mechanism of reference clone to protect the mobile agent from being modified. We also incorporate the functionality of Protocol Analysis Method in combination with the traditional rule based IDS to enhance the Intrusion Detection and to reduce false alarm rate. From the results obtained, it was observed that the system proves to be better in its performance compared to other traditional Intrusion Detection Systems and is found to provide at most security to the Mobile Agents.
Index Terms—Distributed intrusion detection system, self-protected mobile agents, DDoS, reference clone, protocol analysis, network security.
P. Marikkannu is with the Department of Information Technology, Anna University of Technology, Coimbatore, India (e-mail: email@example.com).
J. J. Adri Jovin is with the Department of Computer Science and Engineering, Sri Guru Institute of Technology, Coimbatore India (e-mail: firstname.lastname@example.org).
T. Purusothaman is with the Department of Computer Science and Information Technology, Government College of Technology, Coimbatore India (e-mail: email@example.com).
Cite: P. Marikkannu, J. J. Adri Jovin, and T. Purusothaman, "Self-Protected Mobile Agent Approach for Distributed Intrusion Detection System against DDoS Attacks," International Journal of Information and Electronics Engineering vol. 2, no. 4, pp. 606-611, 2012.