Intrusion Detection Based On Degree of Nodes in Network Traffic Graph

Nowadays with development of technology and variety of network services, communication and different needs of users with high speed and simplicity have been possible, but a way for the implementation of different types of destructive and illegal processes has paved. These processes are attacks with aim of reducing network performance or destruction of networks. So far, various types of attacks such as viruses, worms, Trojan horses, denial of service, distributed denial of service, Botnets have been attacked computer networks. In order to recognize and prevention with negative effects of this attacks, intrusion detection systems are designed and implemented. These systems are divided to two general groups; anomaly-based intrusion detection systems and signature-based intrusion detection systems. In Anomaly-based intrusion detection, the input data is compared with normal model or expected behavior of system and significant deviation from normal model is specified as an anomaly. The advantage of this method is that it could potentially detect attacks that have not been seen so far. We will propose a solution that create a graph in which nodes represents hosts and edges represents activity within hosts, computing degree of nodes in graph and compare with normal mode. This Method can be used for automatic detection denial of service attacks.