Attack detection mechanisms for preserving security during data communication in large scale networks

Abstract

newline Large-scale networks due to their extended support in network applications are enforced to face various security threats. To ensure a secure way of data communication in large-scale networks, many authors have proposed techniques and ideas in earlier research works. However, the external attacks are prevented using traditional security mechanisms, but the captured nodes causing internal attacks are not solved with these earlier mechanisms. Hence, a reliable and robust security mechanism is more important in large-scale networks. Identifying the type of security mechanisms and main threats associated with large-scale network environment are highly enabled in this thesis work. Further, the inside attackers having the ability to bypass all traditional cryptographic mechanisms are also focused mainly on developing an efficient trust-based security solution which can provide fast detection and secure data transmission. Economic science has been encouraged for the determination of authenticated and authorized attackers using an alternative security solution called trust management. The main aim of the research work is to design an efficient trust-based attack detection framework for earlier detection and prevention of internal attacks (especially, DDoS attacks), which are exhibiting the same behavior as same as that of trust-based nodes in the communication network. To achieve this goal, a trust management framework is designed with three solutions. Multi-Level Authentic Propagation Model with a Deceptive Recommendation Penalty (MAP-DRP) scheme is proposed to improve network security. Here, the social behavior of nodes and QoS trust is combined to mitigate the penalized nodes that are misbehaving on discovering the path for packet newline newline