Abstract
The current internet infrastructure is susceptible to distributed denial of service (DDoS) attacks and has no built-in mechanism to defend against them. Research on these attacks and their defense is significant for the security and reliability of the internet. We have already proposed a collaborative agent-based distributed DDoS defense scheme which detects and prevents DDoS attacks within ISP (Internet Service Provider) boundaries. The actual task of defense is carried out by agents and coordinators in each ISP. The defense system works by inspecting incoming traffic on the edge router and identifying the occurrence of DDoS attacks. The agents implement an entropy-threshold based detection algorithm. The coordinators share attack-related information with neighboring ISPs in order to achieve distributed defense. The performance of the defense system is evaluated on the basis of some identified metrics. Its effectiveness is evaluated in the presence and absence of the defense system. The results indicate that the proposed defense system detects attacks accurately, with very few false positives and false negatives.
Highlights
Denial of Service is an attack that aims to stop genuine users from using a particular network service or resource, such as a computer system, web server/service or website [1]
If a distributed denial of service (DDoS) attack is confirmed, the packets related to the suspicious flow are dropped and the coordinator is updated with the attack-related information
DDoS attacks are a major security issue for the Internet community because they will become a major cause of economic loss in many countries
Summary
Denial of Service is an attack that aims to stop genuine users from using a particular network service or resource, such as a computer system, web server/service or website [1]. Readily available attack tools like TFN (Tribe Flood Network), Trinoo, Shaft, TFN2K, and Stacheldraht help the attacker to perform a coordinated DDoS attack against any victim or Internet service [2]. In Feb. 2000, Yahoo became the victim of one of the first large-scale DDoS attacks, which kept it off the Internet for nearly 2 hours. It further helps us to propose a defense system which can defend against DDoS attacks in a distributed environment. We have already proposed a distributed defense mechanism which detects and mitigates DDoS attacks in ISP domains with the help of collaborative agents and coordinators [24]. The various defense-related tasks, like attack traffic characterization, attack detection, and filtering/rate limiting of attack traffic, will be distributed to agents working with edge routers in source stub networks. The performance and effectiveness of the proposed defense system are evaluated and discussed here.
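As an added illustration (not code from the paper), the sketch below shows one way an agent's entropy-threshold check and its report to the coordinator could work. The use of destination-address entropy per traffic window, the baseline-minus-k-deviations threshold, and all names and addresses are assumptions, since the page does not specify them.

```python
import math
import statistics
from collections import Counter

def entropy(counts):
    """Shannon entropy in bits of a Counter of observations."""
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values())

class EntropyAgent:
    """Hypothetical edge-router agent (assumed design, not the paper's)."""

    def __init__(self, k=3.0, min_std=0.05):
        self.k, self.min_std = k, min_std
        self.threshold = None

    def fit(self, normal_windows):
        # Learn the normal entropy band from attack-free traffic windows.
        hs = [entropy(Counter(dst for _, dst in w)) for w in normal_windows]
        std = max(statistics.pstdev(hs), self.min_std)  # floor avoids a zero-width band
        self.threshold = statistics.mean(hs) - self.k * std

    def inspect(self, window):
        """Return None for normal traffic, else the report sent to the coordinator."""
        if self.threshold is None:
            raise RuntimeError("call fit() before inspect()")
        if not window:
            return None
        counts = Counter(dst for _, dst in window)
        h = entropy(counts)
        if h >= self.threshold:
            return None
        # A flood concentrates packets on one destination, so entropy drops.
        dst, hits = counts.most_common(1)[0]
        return {"entropy": round(h, 3), "suspect_dst": dst,
                "share": round(hits / len(window), 3), "action": "drop"}

# Constructed sample traffic: (source, destination) pairs per window.
HOSTS = [f"198.51.100.{i}" for i in range(1, 9)]

def make_window(per_host):
    return [(f"10.0.0.{n % 50}", HOSTS[i])
            for i, c in enumerate(per_host) for n in range(c)]

NORMAL = [make_window(c) for c in ([10] * 8, [12, 9, 11, 8, 10, 10, 9, 11],
                                   [9, 11, 10, 12, 8, 10, 11, 9])]
ATTACK = make_window([10, 10, 300, 10, 10, 10, 10, 10])

agent = EntropyAgent()
agent.fit(NORMAL)

if __name__ == "__main__":
    print(agent.inspect(NORMAL[1]), agent.inspect(ATTACK))
```

The one-sided threshold only catches floods that concentrate traffic on a destination; traffic that spreads across many destinations raises entropy and would need an upper bound as well.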