Discovery of Malicious Attacks to Improve Mobile Collaborative Learning (MCL)

Abdul Razaque
2012 International Journal of Computer Networks & Communications  
Mobile collaborative learning (MCL) is highly acknowledged and focusing paradigm in eductional institutions and several organizations across the world. It exhibits intellectual synergy of various combined minds to handle the problem and stimulate the social activity of mutual understanding. To improve and foster the baseline of MCL, several supporting architectures, frameworks including number of the mobile applications have been introduced. Limited research was reported that particularly
more » ... s to enhance the security of those pardigms and provide secure MCL to users. The paper handles the issue of rogue DHCP server that affects and disrupts the network resources during the MCL. The rogue DHCP is unauthorized server that releases the incorrect IP address to users and sniffs the traffic illegally. The contribution specially provides the privacy to users and enhances the security aspects of mobile supported collaborative framework (MSCF). The paper introduces multi-frame signature-cum anomaly-based intrusion detection systems (MSAIDS) supported with novel algorithms through addition of new rules in IDS and mathematcal model. The major target of contribution is to detect the malicious attacks and blocks the illegal activities of rogue DHCP server. This innovative security mechanism reinforces the confidence of users, protects network from illicit intervention and restore the privacy of users. Finally, the paper validates the idea through simulation and compares the findings with other existing techniques. The rapid developments in information technologies (IT) have improvised the use of mobile devices in open, large scale and heterogeneous environments. The mobile devices provide the bridge to connect learners with institutions directly. This highly emerged platform has put the concrete foundation of MCL to corroborate pedagogical activities. The deployment of mobile devices has not only underpinned MCL but also created many chances for malicious attackers to crack the integrity and privacy of users. The mobile users are highly dependent on DHCP server for issuance of IP addresses. The DHCP server provides highly organized and useful administrative service to mobile devices. However, unauthorized and misconfigured DHCP server (rogue DHCP) is used into a network; it creates the problems for users, breaking the security. It invites the intruders and attackers to redirect & intercept network traffic of any device that uses the DHCP. Attacker (The man-in-middle) modifies the original contents of communication. The malware and Trojans horse install rogue DHCP server automatically on network and affect the legitimate servers. If the rogue DHCP server assigns an incorrect IP address faster than original DHCP server, it causes the potentially black hole for users. To control the malicious attacks and avoiding the network blockage, the network administrators put their efforts to guarantee the components of server, using various tools. The graphical user interface (GUI) tool is used to prevent the attack of rogue detection [5] . Idea of using multilayer swiches may be configured to control the attacks of rogue DHCP server but it is little bit complex and not efficient to detect rogue DHCP server and its malicious consequences [7] & [8]. Time-tested, DHCP Find Roadkil.net's, DHCP Sentry, Dhcploc.exe and DHCP-probe provide the solution to detect and defend rogue DHCP server malware [6] . All of these tools cannot detect the new malicious attacks. Intrusion detection systems (IDS) are also introduced to ensure the protection of systems and networks. However, IDS cannot detect the intrusion due to increase in size of networks. The Signature based detection does not have capacity to compare each packet with each signature in database [2]. Distributed Intrusion Detection System (DIDS) is another technique to support the mobile agents. This technique helps the system to sense the intrusion from incoming and outgoing traffics to detect the known attacks [1]. Ant colony optimization (ACO) based distributed intrusion detection system is introduced to detect intrusions in the distributed environments. It detects the visible activities of attackers and identifies the attack of false alarm rate [3] . Anomaly based intrusion detection are introduced to detect those attacks for which no signatures exist [4], [6], [10] .Both signature based and anomaly based IDS have not been used to detect the problems of rogue DHCP server. This paper introduces the multi-frame signature-cum anomaly based intrusion detection system supported with novel algorithms, inclusion of new rules in IDS and mathematical model to detect the malicious attacks and increase the privacy and confidentiality of users in MCL environment. Related work The modern technologies and its deployment in computer and mobile devices have not only created new opportunities for better services but from other perspective, privacy of the users is highly questionable. The network-intruder and virus contagion extremely affect the computer systems and its counterparts. They also alter the top confidential data. Handling these issues and restoring the security of systems, IDS are introduced to control malicious attackers. IDS are erroneous and not providing the persistent solution in its current shape. The first contribution in the field of intrusion detection was deliberated by J.P Anderson in [28] . He introduced notion about the security of computer systems and related threats. Initially, he discovered three attacks that are misfeasors, external penetrations and internal penetrations.
doi:10.5121/ijcnc.2012.4402 fatcat:cjjmh5xid5hi5jofvyd2xjoyum