Abstract

DDoS attacks have become very popular since the turn of this millennium and have stayed in the headlines due to ever-increasing and sometimes devastating attacks on popular web servers. In this study, we deal with DDoS attacks by proposing a correlation-based approach with a sliding window model to detect and mitigate DDoS attacks. The proposed scheme identifies malicious traffic flow towards a target system based on the volume of traffic flowing towards the victim machine and uses a correlation-based approach with a sliding window model to detect and isolate malicious hosts. Rate limiting is applied individually to each malicious flow, based on the volume of malicious traffic generated by the attacking host, rather than collectively to the total malicious flow towards the victim. The results observed in simulation show that the proposed approach detects the onset of the attacks very early and reacts to the threat by rate limiting the malicious flow based on the volume of attack traffic generated by each attacking host. The approach also adapts quickly to any changes in the rate of flow. The proposed system can be successfully implemented at critical points in the network as autonomous defense systems to limit the volume of malicious packet flow towards the target system.
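One way to realize the scheme described above, as an added example that is not the paper's own algorithm: a volume alarm over a sliding window, Pearson correlation to isolate sources, and a per-source limit scaled to each source's own volume. The abstract does not say which quantities are correlated or how limits are computed, so the thresholds, the `Defense` class, the `CAPACITY` budget and the constructed sample counts are all assumptions.

```python
from collections import deque
from statistics import mean, pstdev

WINDOW = 6       # intervals held in the sliding window (assumed)
SURGE = 2.0      # alarm when a total exceeds SURGE x the quiet-time mean (assumed)
CORR_MIN = 0.9   # correlation with the aggregate needed to flag a source (assumed)
CAPACITY = 120   # packets per interval the victim can absorb (assumed)

def pearson(xs, ys):
    """Pearson correlation of two equal-length series; 0.0 if either is constant."""
    sx, sy = pstdev(xs), pstdev(ys)
    if sx == 0 or sy == 0:
        return 0.0
    mx, my = mean(xs), mean(ys)
    return mean((x - mx) * (y - my) for x, y in zip(xs, ys)) / (sx * sy)

class Defense:
    def __init__(self):
        self.window = deque(maxlen=WINDOW)  # per-interval {source: packets}
        self.quiet = deque(maxlen=WINDOW)   # totals of intervals without an alarm
        self.flagged = set()                # sources isolated during this alarm

    def observe(self, counts):
        """Add one interval; return {source: allowed packets} for flagged sources."""
        self.window.append(counts)
        total = sum(counts.values())
        if len(self.quiet) < WINDOW or total <= SURGE * mean(self.quiet):
            self.quiet.append(total)        # normal volume: refresh the baseline
            self.flagged.clear()
            return {}
        totals = [sum(c.values()) for c in self.window]
        for src, now in counts.items():
            series = [c.get(src, 0) for c in self.window]
            # Flag a source that has itself surged and tracks the aggregate surge.
            if now > SURGE * mean(series[:-1]) and pearson(series, totals) >= CORR_MIN:
                self.flagged.add(src)
        active = {s: counts[s] for s in self.flagged if counts.get(s, 0) > 0}
        excess = max(0, total - CAPACITY)
        volume = sum(active.values())
        # Each flagged source sheds excess in proportion to its own volume.
        return {s: max(0, round(v - excess * v / volume)) for s, v in active.items()}

if __name__ == "__main__":
    d = Defense()
    for _ in range(WINDOW):                 # constructed quiet traffic
        d.observe({"a": 10, "b": 20, "c": 15})
    print(d.observe({"a": 10, "b": 20, "c": 15, "z1": 300, "z2": 100}))
```

The baseline is frozen while the alarm is active, so a sustained flood does not raise its own detection threshold, and flagged sources stay limited until total volume returns to normal.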

Highlights

  • The rapid growth of cyberspace into a vital global communication and business network has created a global infrastructure where both the network and its resources are highly vulnerable to Internet security threats

  • The results clearly show that the proposed scheme can detect DDoS attacks early and the adaptive rate limiting strategy based on individual malicious traffic volume can be successfully deployed to limit the amount of malicious flow towards the target machine

  • The proposed correlation-based approach with a sliding window model to detect and mitigate DDoS attacks monitors the total volume of packets received at the defense system

Summary

Introduction

The rapid growth of cyberspace into a vital global communication and business network has created a global infrastructure where both the network and its resources are highly vulnerable to Internet security threats. The Distributed Denial of Service attack is one of the most critical threats to the stability and growth of the Internet. The attack involves denying the availability of a target's resources to legitimate users. The resources of the victim hosts are consumed by malicious attackers such that the victim's services are either fully disrupted or significantly degraded, rendering them virtually useless to legitimate users. Vulnerable hosts on the Internet are identified and compromised to become zombie machines, which are remotely controlled and coordinated to launch an attack on a victim machine. The attack is orchestrated by sending a large volume of malicious packets such that the target victim's CPU usage is maxed out from processing this useless traffic, preventing it from performing any useful work.
