Malicious Host Detection using Probabilistic Data Structures

Abstract

Internet is integrated platform where data is continuously increasing at an exponential rate. Since internet is lifeline of various business and personal activities and a growing number of users access all kind of data, there is an utmost requirement of protecting such data from illegal access or modification. To protect data from emerging attacks, a wide range of methods have been proposed in the literature. Intrusion detection systems are considered as one of the important tool for monitoring and analysing network traffic to protect against emerging attacks. In this work a novel method of intrusion detection is presented. In the proposed method a popular Probabilistic Data Structure (PDS) Bloom filter is employed to store information of suspicious nodes which reduces the storage requirement. Further, Modified Count Min Sketch (MCMS), a variant of Count Min Sketch (CMS), a PDS used for frequency count is used to track hit rate of suspicious nodes in a defined time span. The work provides a detailed analysis of the proposed scheme and the output achieved shows that proposed approach is more efficient compared to CMS since the results obtained indicate that MCMS require less storage and computational time as compared to CMS.