International Journal of Recent Trends in Engineering (IJRTE)

ISSN 1797-9617

Volume 1, Number 1, May 2009

Issue on Computer Science

Page(s): 643-646

Fusion of Detection, Traffic Control and Traceback Technique for DDoS attacks

A.R. Patil Bhagat, S. Basak, C. Godbole, and U. Shrawankar

Abstract

Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks typically generate a huge amount of adverse traffic toward a target server and make the server unavailable for service. Several works have put considerable effort into finding novel and effective techniques to detect and prevent such attacks. However, most studies were conducted using offline data or via simulation. Only a few studies address the issue of server survivability under DDoS attack and perform real experiments to measure the effectiveness of filtering such malicious traffic, since capturing and analyzing real attack traffic on the fly would be an enormous task. This paper proposes a model to measure the effectiveness of filtering malicious traffic while actual attacks are aimed at a target server. The model performs simple anomaly detection using the rates of input traffic, which is classified into normal, suspicious and malicious traffic based on pre-defined threshold values. If the input traffic is regarded as suspicious or malicious, the model will substantially drop part of the input traffic to an acceptable level so that only a small amount of traffic is allowed to pass and reach the target server. As a result, the server survives the attacks. When packets marked as normal and suspicious are allowed to pass through, we employ a recursion-based IP traceback method to locate the original source node producing malicious packets. These packets could be produced deliberately by attackers or by botnets and zombies, which are autonomously driven software producing malicious packets in the traffic.

Index Terms

Botnets, Bloom filter, Detection analysis, Traffic control, Traceback

Published by Academy Publisher in cooperation with the ACEEE

© Copyright 2009 ACADEMY PUBLISHER. All rights reserved.