Anomaly Intrusion Detection Methods for Peer-to-Peer System

Peer-to-peer systems and applications are the hotspot of research of network applications. As peer-to-peer system has no central system and is deployed on an open network, new concerns regarding security have been raised. As an additional security measure, the intrusion detection system would help determine whether unauthorized users are attempting to access, have already accessed, or have compromised the network Intrusion detection, as the second line of defense, is an indispensable tool for highly survivable networks. In this paper two anomaly intrusion detection methods are proposed for peer-to-peer system. The main characters of the methods are that they can detect intrusion in real-time without any expert knowledge and attack signatures. One method uses hidden Markov model to check reflector DoS attacks, another based on adaptive resonance theory, which can learn the normal behavior with unsupervised method. The experimental P2P system is built on FreePastry 1.401 and JDK 1.5.0. The results have indicated that the methods can find DoS attacks immediately and find new intruders with low false alarm rate.