Anomaly detection in Distributed Denial of Service attack using map reduce improvised counter-based algorithm in Hadoop

Abstract

A Distributed Denial of Service (DDOS) is one of the major threats in the cyber network and it causes the computers flooded with the Users Datagram Packet (UDP).This type of attack crashes the victim with large volume of traffic and the victim is not capable of performing normal communication and crashes it completely. To handle this DDOS attack the normal Intrusion Detection System is not suitable to hold and find the amount of the data in the network. Hadoop is a frame work that allows huge amount of data and it is used to processes the huge amount of data. A Map reduce program comprises of a Map task that performs filtering and sorting and a Reduce task that performs summary operation. The propose work focuses on the detection algorithm based on Map Reduce platform which uses the Improvised counter based (MRICB) algorithm to detect the DDOS flooding attacks. The MRICB algorithm is implemented with Map Reduce functionalities at the stage of verifying the Network IPS. This proposed algorithm also focuses on the UDP flooding attack using anomaly based intrusion detection technique that identifies the kind of packets and the flow of packet in the node is more that the set threshold and also identifies the source code causing UDP Flood attack . Thus it ensures the normal communication with large volume of traffic.