Top

Wireless Personal Communications

Published in:

01-09-2015

Security Enhancement in Distributed Networks Using Link-Based Mapping Scheme for Network Intrusion Detection with Enhanced Bloom Filter

Authors: K. Saravanan, A. Senthilkumar

Published in: Wireless Personal Communications | Issue 2/2015

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

To prevent and monitor the unauthorized usage of data access, security on the network is implemented by authenticating the data. Network intrusion detection system monitors the network traffic and measures the information to identify the suspicious activities. In distributed networks, the network administrator has to authorize the user data access. When large data set is concerned in network applications the two complex issues to be solved are the organization of information and decision making. To address these issues, a space efficient data structure, called the bloom filter is used which effectively organizes and decides the presence of reliability. However, using advanced filtering techniques, the intruders easily hack the authorized data for unauthorized operations. At the same time, when processing the information, it is difficult to access the data in a secured manner using the standard bloom filters. To enhance the security over the user data access from the intruders, an enhanced bloom filter technique is presented to represent the large set of data in secure manner applied in distributed applications like web caching, peer networks etc. Additionally, to restrict the unauthorized access over the dataset from malicious activities by intruders, the enhanced bloom filter is applied with an upper bound on the false-positive probability by increasing its capacity as the packet data size increases. The occurrence of network data traffic is cleared by mapping the set of data elements to the appropriate setting in the database using hash functions, minimizing the number of resets created and at the same time improving the mean hit ratio. An experimental evaluation is done with the KDD cup 1999 dataset extracted from UCI repository to estimate the performance of the proposed link-based mapping for network intrusion detection system with enhanced bloom filters. Performance evaluation is measured in terms of false positive probability, false negative probability, mean hit ratio, scalability, number of resets created and security. The experimental results reveals that security over the packet data achieves 42.5 % higher against existing dynamic bloom filter approach.

previous article Token Bucket Fair Scheduling Algorithm with Adaptive Rate Allocations for Heterogeneous Wireless Networks

next article Strategic Network Formation Game for Energy Consumption Balancing

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Rottenstreich, O., Kanizo, Y., & Keslassy, I. The variable-increment counting bloom filter. Technical Report TR11-05, COMNET, TECHNION, Isreeal.

Mitzenmacher, M. (2002). Compressed bloom filters. IEEE/ACM Transactions on Networking, 10(5), 604–612.

Kirsch, A., & Mitzenmacher, M. (2006). Distance-sensitive bloom filters. In Proceedings of the Eighth Workshop on Algorithm Engineering and Experiments, 21 January 2006 (ALENEX 2006) (pp. 41–50). Miami: SIAM.

Xie, K., Min, Y., Zhang, D., & Xie, G. (2005). Basket bloom filters for membership queries. TENCON 2005 2005 IEEE Region, 10, 21–24. doi:10.1109/TENCON.2005.301258.

Kundu, S. R., Pal, S., Basu, K., & Das, S. K. (2009). An architectural framework for accurate characterization of network traffic. IEEE Transactions on Parallel and Distributed Systems, 20(1), 111–123.

Yoon, M. (2010). Aging bloom filter with two active buffers for dynamic sets. IEEE Transactions on Knowledge and Data Engineering, 22, 134–138.

Hua, Y., Xiao, B., Veeravalli, B., & Feng, D. (2012). Locality-sensitive bloom filter for approximate membership query. IEEE Transactions on Computers, 61(6), 817–830.

Guo, D., Wu, J., Chen, H., Yuan, Y., & Luo, X. (2010). The dynamic bloom filters. IEEE Transactions on Knowledge and Data Engineering, 22(1), 120–133.

10.

Laufer, R. P., et al. (2011). A generalized bloom filter to secure distributed network applications. Computer Networks, 55, 1804–1819.

11.

Bloom, B. (1970). Space/time trade-offs in hash coding with allowable errors. ACM, 13(7), 422–426.MATHCrossRef

12.

Carter, J. L., & Wegman, M. (1979). Universal classes of hash functions. Journal of Computer and System Sciences, 18(2), 143–154.MATHMathSciNetCrossRef

13.

Itani, W., Ghali, C., El Hajj, A., & Kayssi, A. (2010). SinPack: A security protocol for preventing pollution attacks in network-coded content distribution networks. In IEEE Global Telecommunications Conference (GLOBECOM 2010).

14.

Antikainen, M., Aura, T., & Sarela. M. (2013). Denial-of-service attacks in bloom-filter-based forwarding. Transactions on Networking, IEEE/ACM, 3(99), 1463–1476.

15.

Paynter, M., & Kocak, T. (2008). Fully pipelined bloom filter architecture. IEEE Communications Letters, 12(11), 855–857.

16.

Kocak, T., & Kaya, I. (2006). Low-power bloom filter architecture for deep packet inspection. Communications Letters, IEEE, 10(3), 210–212.

17.

Moreira, M. D. D. (2012). Capacity and robustness tradeoffs in bloom filters for distributed applications. IEEE Transactions on Parallel and Distributed Systems, 23(12), 2219–2230.

18.

Li, Y.-Z. (2009). Memory efficient parallel bloom filters for string matching. In International Conference on Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC’09.

19.

Ding, Y. (2009). A novel call admission control routing mechanism using bloom filter in MANET. In International Conference on Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC’09.

20.

Saravanan, K., & Senthilkumar, A. (2013). FPGA implementation of secure authentication in WiMAX networks using modified WiMAX bloom filter: A hardware approach. Journal of Discrete Mathematical Sciences and Cryptography, Taylor and Francis, 16(6), 393–404.MathSciNetCrossRef

21.

Dharmapurikar, S., Krishnamurthy, P., Sproull, T., & Lockwood, J. W. (2004). Deep packet inspection using parallel bloom filters. IEEE Micro, 24(1), 52–61.CrossRef

Title: Security Enhancement in Distributed Networks Using Link-Based Mapping Scheme for Network Intrusion Detection with Enhanced Bloom Filter
Authors: K. Saravanan
A. Senthilkumar
Publication date: 01-09-2015
Publisher: Springer US
Published in: Wireless Personal Communications / Issue 2/2015
Print ISSN: 0929-6212
Electronic ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-015-2662-1

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 2/2015

Simple Noise-Adaptive Packet Detection Scheme in Wireless Body Area Network Systems

The Research of Passive Wake-Up Technology Based on the Microwave Power Transmission

Limited Feedback MU-MIMO in LTE-A System: Concepts, Performance, and Future Works

Globally Optimal Cooperation in Dense Cognitive Radio Networks

Performance of Dual Hop Relay System in the Presence of a Correlated Interferer Through Nakagami Fading Channel

A Miniaturization Approach Towards 40 GHz Integrated Single Chip Receiver System for MMW Communication Networks