Abstract
This paper deals with detection of SYN flooding attacks which are the most common type of attacks in a Mobile Agent World. We propose a new framework for the detection of flooding attacks by integrating Divergence measures over Sketch data structure. We compare three divergence measures (Hellinger Distance, Chi-square and Power divergence) to analyze their detection accuracy. The performance of the proposed framework is investigated in terms of detection probability and false alarm ratio. We focus on tuning the parameter of Divergence Measures to optimize the performance. We conduct performance analysis over publicly available real IP traces, in Mobile Agent Network, integrated with flooding attacks. Our experimental results show that Power Divergence outperforms Chi-square divergence and Hellinger distance in network anomalies detection in terms of detection and false alarm.
Original language | English |
---|---|
Journal | International Journal of Wireless & Mobile Networks (IJWMN) |
Volume | 9 |
Issue number | 3 |
DOIs | |
Publication status | Published - 1 Jun 2017 |
Keywords
- mobile agents
- SYN flooding
- Hellinger distance
- Chi-square
- Power Divergence
- Sketch technique
- IP networks