Objectives: Denial-of-service (DoS) and distributed-denial-of-service (DDoS) are the critical threats in the network security. To overcome from these kinds of attacks the existing system created a puzzle scheme called software puzzle. However the malicious user tries to solve the puzzle, the graphics processing unit (GPU) which is present inside the computer will decrease the effect of the client puzzle. Methods: In this method the puzzle algorithm is generated randomly based on the client request. Once the request is received the server will generate the puzzle with random key, the client receive the puzzle process it and generate the solution for the puzzle. The server verifies it. The drawback in the existing system is that the puzzle does not contain time period so the attacker will hack the key at any time and flood server with malicious request another one is that As the DDOS attack increases, the puzzle difficulty should be also increased, Increase in difficult level the computation cost also increases. Findings: To overcome from this the proposed method contain encrypted one time password (OTP) that is server will generate encrypted OTP based on the Hash function and the salt it is send to the client, Then the client will decrypt the OTP. Based on the decrypted value the client will type the password and send to the server, it will check the password with the mapped value. Another advantage in the proposed method is that it only allow three time for each user to enter wrong password in fourth time the puzzle will be generated the user has to solve and the server will check it. The puzzle solving is created to check whether it is a malicious user or a genuine client by this security is improved and denial of service attack is reduced. Applications: In this approach website security is increased, Attacker chance of hacking and flooding the server with malicious request will be reduced, Allow only genuine user to access the website by use of encrypted OTP and Puzzle approach.
Read full abstract