ProIDS: Probabilistic Data Structures Based Intrusion Detection System for Network Traffic Monitoring
- 1 December 2017
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE) in GLOBECOM 2017 - 2017 IEEE Global Communications Conference
Abstract
The Internet is an integrated platform where data is growing at an exponential rate. Since it incorporates numerous business and personal services, we need to protect the data from illegal access or modification. In the literature, a large number of techniques have been proposed to protect data against the malicious intent of intruders. However, one of the most important ways of monitoring and analyzing network traffic against various attacks is the deployment of intrusion detection systems (IDS). This paper presents a novel IDS based on probabilistic data structures, named ProIDS. In the proposed ProIDS, a popular probabilistic data structure (PDS), the Bloom filter, is used to store information about suspicious nodes. Using the Bloom filter, the number of hits on suspicious nodes per unit time is computed with a modified version of the Count-min sketch, i.e., MCMS, which is also a PDS. The work also presents a detailed theoretical analysis backed by relevant technical description. Simulation results clearly show that the proposed system is more reliable and scalable than the existing Count-min sketch method. The results obtained show that the proposed system requires comparatively less computational time and storage than the existing Count-min sketch method.
This publication has 21 references indexed in Scilit.