http://dx.doi.org/10.5391/JKIIS.2003.13.2.148

A Study on Network based Intelligent Intrusion Prevention model by using Fuzzy Cognitive Maps on Denial of Service Attack  

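Lee, Se-Yul (School of Computer Engineering, Daejeon University)
Kim, Yong-Soo (School of Computer Engineering, Daejeon University)
Sim, Kwee-Bo (School of Electrical and Electronics Engineering, Chung-Ang University)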
Publication Information
Journal of the Korean Institute of Intelligent Systems / v.13, no.2, 2003, pp. 148-153
Abstract
A DoS (Denial of Service) attack appears in the form of an intrusion attempt, and the SYN Flooding attack is a typical example. The SYN Flooding attack takes advantage of a weak point of the 3-way handshake between the end-points of TCP, which is a reliable, connection-oriented transmission service. This paper proposes a NIIP (Network based Intelligent Intrusion Prevention) model. The model captures and analyzes packet information to detect the SYN Flooding attack. Using the analysis results, the decision module, which utilizes FCM (Fuzzy Cognitive Maps), measures the degree of danger of the DoS and trains the response module to deal with attacks. This model is a network based intelligent intrusion prevention model that reduces or prevents the danger of the SYN Flooding attack.
Keywords
SYN Flooding Attack; Denial of Service