Showing 1–4 of 4 results for author: Manasrah, A M

A Novel Header Matching Algorithm for Intrusion Detection Systems

Authors: Mohammad A. Alia, Adnan A. Hnaif, Hayam K. Al-Anie, Khulood Abu Maria, Ahmed M. Manasrah, M. Imran Sarwar

Abstract: The evolving necessity of the Internet increases the demand on the bandwidth. Therefore, this demand opens the doors for the hackers' community to develop new methods and techniques to gain control over networking systems. Hence, the intrusion detection systems (IDS) are insufficient to prevent/detect unauthorized access the network. Network Intrusion Detection System (NIDS) is one example that st… ▽ More The evolving necessity of the Internet increases the demand on the bandwidth. Therefore, this demand opens the doors for the hackers' community to develop new methods and techniques to gain control over networking systems. Hence, the intrusion detection systems (IDS) are insufficient to prevent/detect unauthorized access the network. Network Intrusion Detection System (NIDS) is one example that still suffers from performance degradation due the increase of the link speed in today's networks. In This paper we proposed a novel algorithm to detect the intruders, who's trying to gain access to the network using the packets header parameters such as; source/destination address, source/destination port, and protocol without the need to inspect each packet content looking for signatures/patterns. However, the "Packet Header Matching" algorithm enhances the overall speed of the matching process between the incoming packet headers against the rule set. We ran the proposed algorithm to proof the proposed concept in coping with the traffic arrival speeds and the various bandwidth demands. The achieved results were of significant enhancement of the overall performance in terms of detection speed. △ Less

Submitted 5 August, 2011; originally announced August 2011.

Comments: 15 pages, 7 Figures, 2 Tables

Journal ref: International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011

An innovative platform to improve the performance of exact string matching algorithms

Authors: Mosleh M. Abu Alhaj, M. Halaiyqah, Muhannad A. Abu Hashem, Adnan A. Hnaif, O. Abouabdalla, Ahmed M. Manasrah

Abstract: Exact String Matching is an essential issue in many computer science applications. Unfortunately, the performance of Exact String Matching algorithms, namely, executing time, does not address the needs of these applications. This paper proposes a general platform for improving the existing Exact String Matching algorithms executing time, called the PXSMAlg platform. The function of this platform… ▽ More Exact String Matching is an essential issue in many computer science applications. Unfortunately, the performance of Exact String Matching algorithms, namely, executing time, does not address the needs of these applications. This paper proposes a general platform for improving the existing Exact String Matching algorithms executing time, called the PXSMAlg platform. The function of this platform is to parallelize the Exact String Matching algorithms using the MPI model over the Master or Slaves paradigms. The PXSMAlg platform parallelization process is done by dividing the Text into several parts and working on these parts simultaneously. This improves the executing time of the Exact String Matching algorithms. We have simulated the PXSMAlg platform in order to show its competence, through applying the Quick Search algorithm on the PXSMAlg platform. The simulation result showed significant improvement in the Quick Search executing time, and therefore extreme competence in the PXSMAlg platform. △ Less

Submitted 11 February, 2010; originally announced February 2010.

Comments: IEEE format, International Journal of Computer Science and Information Security, IJCSIS January 2010, ISSN 1947 5500, http://sites.google.com/site/ijcsis/

Report number: Journal of Computer Science, ISSN 1947 5500

Journal ref: International Journal of Computer Science and Information Security, IJCSIS, Vol. 7, No. 1, pp. 280-283, January 2010, USA

Comparative Evaluation and Analysis of IAX and RSW

Authors: Manjur S Kolhar, Mosleh M. Abu-Alhaj, Omar Abouabdalla, Tat Chee Wan, Ahmad M. Manasrah

Abstract: Voice over IP (VoIP) is a technology to transport media over IP networks such as the Internet. VoIP has the capability of connecting people over packet switched networks instead of traditional circuit switched networks. Recently, the InterAsterisk Exchange Protocol (IAX) has emerged as a new VoIP which is gaining popularity among VoIP products. IAX is known for its simplicity, NAT friendliness,… ▽ More Voice over IP (VoIP) is a technology to transport media over IP networks such as the Internet. VoIP has the capability of connecting people over packet switched networks instead of traditional circuit switched networks. Recently, the InterAsterisk Exchange Protocol (IAX) has emerged as a new VoIP which is gaining popularity among VoIP products. IAX is known for its simplicity, NAT friendliness, efficiency, and robustness. More recently, the Real time Switching (RSW) control criterion has emerged as a multimedia conferencing protocol. In this paper, we made a comparative evaluation and analysis of IAX and RSW using Mean Opinion Score rating (MOS) and found that they both perform well under different network packet delays in ms. △ Less

Submitted 13 January, 2010; originally announced January 2010.

Comments: 3 pages IEEE format, International Journal of Computer Science and Information Security, IJCSIS December 2009, ISSN 1947 5500, http://sites.google.com/site/ijcsis/

Report number: Volume 6, No. 3, ISSN 1947 5500

Journal ref: International Journal of Computer Science and Information Security, IJCSIS, Vol. 6, No. 3, pp. 250-252, December 2009, USA

Detecting Botnet Activities Based on Abnormal DNS traffic

Authors: Ahmed M. Manasrah, Awsan Hasan, Omar Amer Abouabdalla, Sureswaran Ramadass

Abstract: IThe botnet is considered as a critical issue of the Internet due to its fast growing mechanism and affect. Recently, Botnets have utilized the DNS and query DNS server just like any legitimate hosts. In this case, it is difficult to distinguish between the legitimate DNS traffic and illegitimate DNS traffic. It is important to build a suitable solution for botnet detection in the DNS traffic an… ▽ More IThe botnet is considered as a critical issue of the Internet due to its fast growing mechanism and affect. Recently, Botnets have utilized the DNS and query DNS server just like any legitimate hosts. In this case, it is difficult to distinguish between the legitimate DNS traffic and illegitimate DNS traffic. It is important to build a suitable solution for botnet detection in the DNS traffic and consequently protect the network from the malicious Botnets activities. In this paper, a simple mechanism is proposed to monitors the DNS traffic and detects the abnormal DNS traffic issued by the botnet based on the fact that botnets appear as a group of hosts periodically. The proposed mechanism is also able to classify the DNS traffic requested by group of hosts (group behavior) and single hosts (individual behavior), consequently detect the abnormal domain name issued by the malicious Botnets. Finally, the experimental results proved that the proposed mechanism is robust and able to classify DNS traffic, and efficiently detects the botnet activity with average detection rate of 89 percent. △ Less

Submitted 2 November, 2009; originally announced November 2009.

Comments: 8 pages IEEE format, International Journal of Computer Science and Information Security, IJCSIS 2009, ISSN 1947 5500, Impact Factor 0.423, http://sites.google.com/site/ijcsis/

Report number: ISSN 1947 5500

Journal ref: International Journal of Computer Science and Information Security, IJCSIS, Vol. 6, No. 1, pp. 097-104, October 2009, USA