Abstract
Achieving high data rate transmission, WiMAX has acquired noticeable attention by communication industry. One of the vulnerabilities of the WiMAX network which leads to DDoS attack is sending a high volume of ranging request messages to base station (BS) in the initial network entry process. In the initial network entry process, BS and subscriber station (SS) exchange management messages. Since some of these messages are not authenticated, malicious SSs can attack the network by exploiting this vulnerability which may increase the traffic load of the BS and prevent it from serving the SSs. So, detecting such attacks is one of the most important issues in such networks. In this research, an artificial neural network (ANN) based approach is proposed in order to detect DDoS attacks in IEEE 802.16 networks. Although lots of studies have been devoted to the detection of DDoS attack, some of them focus just on some statistical features of the traffic and some other focus on packets’ headers. The proposed approach exploits both qualitative and quantitative methods. It detects the attack by feeding some features of the network traffic under attack to an appropriate ANN structure. To evaluate the method, first a typical attacked network is implemented in OPNet simulator, and then by using the proposed system, the efficiency of the method is evaluated. The results show that by choosing suitable time series we can classify 93 % of normal traffic and 91 % of attack traffic.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Vafea, A. (2006). Security of IEEE 802.16. master of information and communication systems security. Department of Computer and Systems—Science Royal Institute of Technology.
Jamshed, H. (2006). Security issues of IEEE 802.16 (WiMAX), school of computer and information science. Australia: Edith Cowan University.
Eren, E. (2007). WiMAX security architecture—Analysis and assessment. In: IEEE international workshop on intelligent data acquisition and advanced computing systems, Technology and Applications Dortmund, Germany, September 6–8.
Youngwook, L. Hyoung-Kyu, B., & Saewoong. (2007). Shared authentication information for preventing DDoS attacks in mobile WiMAX networks. In IT R&D program of MIC/IITA, Korea IEEE, 2007.
Shon T., & Choi, W. (2007). An analysis of mobile WiMAX security: Vulnerabilities and solutions. In: T. Enokido, L. Barolli, M. Takizawa (Eds.), NBiS 2007, LNCS 4658 (pp 88–97). Berlin: Springer.
Boom, D. (2004) Denial of service vulnerabilities. In IEEE 802.16 Wireless Networks. Master thesis at Naval Postgraduate School Monterey, California, IEEE 2004.
Nasreldin, M., Aslan, H., El-Hennawy, M., & El-Hennawy, A. (2008). WiMAX security. In 22nd International conference on advanced information networking and applications IEEE, 2008.
Feinstein, L., Schnackenberg, D., Balupari, R., & Kindred, D. (2003). DDoS tolerant networks. In Proceedings of the DARPA information survivability conference and exposition (DISCEX’03): IEEE, 2003.
Jin, S., & Yeung, D. S. (2004). a covariance analysis model for DDoS attack detection. In Proceeding of IEEE communications society, vol 4, 2004.
Carl, G., Brooks, R. R., & Rai, S. (2006). Wavelet based denial-of-service detection. Computers & Security, 25, 15.
Lu, K., Wu, D., Fan, J., Todorovic, S., & Nucci, A. (2007). Robust and efficient detection of DDoS attacks for large-scale internet. Computer Networks, 51(18), 5036–5056.
Lee, K., Kim, J., Kwon, K. H., Han, Y., & Kim, S. (2008). DDoS attack detection method using cluster analysis. ESWA, 34, 1659–1665.
George Nychis, V. S., Andersen, D. G., Kim, H., & Zhang, H. (2008). An empirical evaluation of entropy-based traffic anomaly detection. In IMC’ 08. Greece: ACM.
Shui Yu, W. Z. (2008). Entropy-based collaborative detection of DDOS attacks on community networks. In Sixth annual IEEE international conference on pervasive computing and communication.
Kar, S., & Sahoo, B. (2009). An anomaly detection system for DDoS Attack in grid computing. International Journal of Computer Applications in Engineering, Technology and Sciences (ij-ca-ets) 1, 553.
Li, M. (2006). Change trend of averaged Hurst parameter of traffic under DDOS flood attacks. Computer & Security, 25, 8.
Li, M., & Zhao, W. (2008). Detection of variations of local irregularity of traffic under DDOS flood attack. Mathematical Problems in Engineering. doi:10.1155/2008/475878.
Lippman, R. P., & Cunningham, R. K. (2000). Improving intrusion detection performance using keyword selection and neural networks. Computer Networks, 34, 7.
Cannady, J. (2002). Applying CMAC-based online learning to intrusion detection. In: IJCNN, Vol. 5: IEEE, 2002.
Kumar, P. G., & Devaraj, D. (2007). Network intrusion detection using hybrid neural networks. In Signal processing, communications and networking, ICSCN Chennai: IEEE, 2007.
Tong, X., Wang, Z., & Yu, H. (2009) A research using hybrid RBF/Elman neural networks for intrusion detection system secure model. In Computer physics communications, Vol. 180, p. 7, October, 2009.
Kayacik, H. G., Zincir-Heywood, A. N., & Heywood, M. I. (2003), On the capability of an SOM based intrusion detection system. In IEEE, 2003.
Gavrilis, D., & Dermatas, E. (2005). Real-time detection od distributed denial-of-service attack using RBF networks and statistical features. In COMNET, vol. 48, pp. 235–245, 2005.
Jalili, R., Imani-Mehr, F., Amini, M., & Shahriari, H. R. (2005). Detection of distributed denial of service attacks using statistical pre-processor and unsupervised neural networks, Vol. 25, 2005.
Bengio, Y., & LeCun, Y. (2007). Scaling learning algorithms towards AI. In L. Bottou, O. Chapelle, D. DeCoste, & J. Weston (Eds.), Large-scale kernel machines. Cambridge: MIT Press.
Han, T., Zhang, N., Liu, K., Tang, B., & Liu, Y. (2008). Analysis of mobile WiMAX security: Vulnerabilities and solutions. In Mobile ad hoc and sensor systems (MASS), IEEE, 2008.
IEEE Standard 802.16-2009: Air Interface for Broadband Wireless Access Systems May 2005.
Taylor & Francis Group, WiMAX/MobileFi, Auerbach. (2008). ISBN 978-1-4200-4351-8.
Clegg, R. G. (2006). A practical guide to measuring the Hurst parameter. International Journal of Simulation: Systems, Science & Technology, 7(2), 3–14.
Shojaee, M., Movahediania, N., Tork Ladani, B. (2011). An entropy based approach for DDoS attack detection in IEEE 802.16 based networks. In IWSEC 2011, LNCS 7038 (pp. 129–143). Berlin: Springer.
Karagiannis, T., Molle, M., & Faloutsos, M. (2004). Long range dependence, ten years of internet traffic modelling. In IEEE internet computer, Issue 8, Vol. 5, pp. 57–64, October 2004.
Jirapummin, C., Wattanapongsakorn, N., & Kanthamanon, P. (2002). Hybrid neural networks for intrusion detection system. In: International technical conference on circuits/systems computers and communications, (ITC-CSCC) Thiland, 2002.
Millan, G., & Lefranc, G. (2009). Presentation of an estimator for the Hurst parameter for a self-similar process representing the traffic in IEEE 802.3 networks. International Journal of Computers, Communications & Control, IV(2), 137–147. ISSN 1841-9836, E-ISSN 1841-9844.
Shojaee, M., Movahediania, N., & Tork Ladani, B. (2010). TrafficAnalysis for WiMAX network under DDoS attack. In Second Pacific-Asia conference on circuits, communications and system, (PACCS) China 2010.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Shojaei, M., Movahhedinia, N. & Tork Ladani, B. DDoS attack detection in IEEE 802.16 based networks. Wireless Netw 20, 2543–2559 (2014). https://doi.org/10.1007/s11276-014-0755-5
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11276-014-0755-5