Distributed Denial Of Service Attack – Detection And Defense


Internet technology has spread further than is commonly believed. It has become an inevitable part of our lives, and we rely totally on the Internet for our daily necessities. The Internet is a vast, highly unbounded network of networks. As the Internet keeps growing, new threats evolve, increasing the need to develop and tighten security measures to protect it. Of the many challenges the Internet faces, Distributed Denial of Service is a critical concern, particularly for Internet commerce. Distributed Denial of Service attacks can cause infrastructure problems and can disrupt communications at an international level. Access denial to ...

In traffic anomaly detection, an ICMP or UDP attack can easily be found by analyzing the traffic rate. In behavior anomaly detection, the behavior between the server and the client is analyzed and a model is generated; if the observed behavior varies from the pre-generated model, it is considered an attack on the system. In pattern matching detection, the attack is detected by packet analysis methods. These detection mechanisms are deployed at the victim's side of the attack. If these three detection mechanisms are integrated and deployed at the victim's side, then DDoS can be detected. Once we are able to detect DDoS attacks, it becomes a little easier to find a way to defend against or mitigate them, which prevents the system from crashing and leads to uninterrupted service for the users.
One of the novel approaches to mitigating simple DoS is CAPTCHA authentication. In this approach, whenever a client requests a particular web service more times than the limit set by the service provider, the service automatically asks the client to solve a CAPTCHA. This requires human intervention: the client has to solve the CAPTCHA successfully to proceed with the web service. As soon as the CAPTCHA is solved, the IP address is whitelisted for a certain amount of traffic or time. Whenever the time expires or the traffic limit is violated, the client is given a CAPTCHA to solve again. Nowadays there are automated ways to solve CAPTCHAs, so the approach is not very effective, but there is ongoing research on this topic.
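The CAPTCHA gate described above can be sketched as a small per-IP state machine. This is an added example, not code from the essay; the class name, the limits and the sample address are assumptions, and CAPTCHA verification itself is left to the caller.

```python
class CaptchaGate:
    """Per-IP gate: challenge above a request limit, whitelist after a solve."""

    def __init__(self, limit=3, window=60, grant_requests=2, grant_seconds=100):
        self.limit, self.window = limit, window            # assumed provider limit
        self.grant_requests, self.grant_seconds = grant_requests, grant_seconds
        self.recent = {}      # ip -> timestamps of requests inside the window
        self.whitelist = {}   # ip -> [requests_left, expires_at]
        self.pending = set()  # ips that must solve a CAPTCHA before proceeding

    def request(self, ip, now):
        """Return 'allow' or 'challenge' for one request arriving at time now."""
        if ip in self.pending:
            return "challenge"
        grant = self.whitelist.get(ip)
        if grant:
            if now < grant[1] and grant[0] > 0:
                grant[0] -= 1
                return "allow"
            del self.whitelist[ip]  # time expired or traffic allowance used up
        else:
            hits = [t for t in self.recent.get(ip, []) if now - t < self.window]
            hits.append(now)
            self.recent[ip] = hits
            if len(hits) <= self.limit:
                return "allow"
        self.pending.add(ip)
        return "challenge"

    def solved(self, ip, now):
        """Call only after the CAPTCHA answer has been verified server-side."""
        self.pending.discard(ip)
        self.recent.pop(ip, None)
        self.whitelist[ip] = [self.grant_requests, now + self.grant_seconds]


def demo():
    gate, ip = CaptchaGate(), "192.0.2.7"  # constructed client address
    out = [gate.request(ip, t) for t in (0, 1, 2, 3, 4)]  # 4th request exceeds limit
    gate.solved(ip, 5)
    out += [gate.request(ip, t) for t in (6, 7, 8)]       # allowance of 2 runs out
    gate.solved(ip, 9)
    out.append(gate.request(ip, 200))                     # grant expired by time
    return out


if __name__ == "__main__":
    print(demo())
```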
Let's discuss one of the DDoS detection techniques here. This technique works by monitoring source IP addresses and is called SIM (Source IP Address Monitoring Technique). The detection mechanism relies on the huge number of new IP addresses that appear in the attack traffic to the victim, and it has the advantage of detecting an attack at its early stages. SIM has two parts, called offline training and detection & learning. In the first part, offline training, a learning engine or algorithm adds legitimate IP addresses to the IP Address Database (ID) and then keeps updating the database by adding new legitimate IP addresses and deleting expired ones. This is purposely done in offline mode so that traffic data is used for training and the process is not prone to bandwidth attacks. For example, to find the legitimate IP addresses, a TCP connection with fewer than 3 packets is considered an abnormal IP flow, and this simple rule can be used to decide whether the packets are from legitimate sources.
The second part deals with detection and learning. During this part, statistics of the incoming traffic are collected for a certain time interval. In the detection engine, a hash table is maintained and used to record all the IP addresses encountered during that time interval. A hash table entry consists of mainly two fields: the IP address and the timestamp of the most recent packet from that IP address....
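The two SIM parts can be tied together in a short added example, which is not code from the essay or from the SIM authors. The 3-packet rule and the hash table fields come from the text; the expiry period, the alarm threshold on the share of new addresses and all sample traffic are assumptions, since the essay's description of the decision step is cut off.

```python
EXPIRY = 14 * 86400   # assumed lifetime of a database entry, in seconds
MIN_PACKETS = 3       # essay's rule: a TCP flow with fewer than 3 packets is abnormal
ALARM_RATIO = 0.5     # assumed threshold on the share of previously unseen addresses


class SourceIPMonitor:
    def __init__(self):
        self.database = {}  # IP Address Database: ip -> last time seen as legitimate

    def train(self, flows, now):
        """Offline training on (src_ip, packets_in_tcp_flow, timestamp) records."""
        for ip, packets, ts in flows:
            if packets >= MIN_PACKETS:  # keep only flows that look legitimate
                self.database[ip] = max(ts, self.database.get(ip, ts))
        # Delete addresses that have not been seen within the expiry window.
        self.database = {ip: ts for ip, ts in self.database.items()
                         if now - ts <= EXPIRY}

    def detect(self, packets):
        """Score one time interval of (src_ip, timestamp) packets."""
        table = {}  # hash table: ip -> timestamp of its most recent packet
        for ip, ts in packets:
            table[ip] = max(ts, table.get(ip, ts))
        new = [ip for ip in table if ip not in self.database]
        ratio = len(new) / len(table) if table else 0.0
        return {"seen": len(table), "new": len(new),
                "ratio": ratio, "alarm": ratio > ALARM_RATIO}


def demo():
    now = 2_000_000  # constructed clock value, in seconds
    monitor = SourceIPMonitor()
    monitor.train([  # constructed training flows (documentation address ranges)
        ("192.0.2.10", 12, now - 100),
        ("192.0.2.11", 7, now - 200),
        ("192.0.2.12", 2, now - 300),            # too few packets: rejected
        ("198.51.100.5", 30, now - EXPIRY - 1),  # expired: deleted
    ], now)
    normal = [("192.0.2.10", now + 1), ("192.0.2.10", now + 2),
              ("192.0.2.11", now + 3), ("192.0.2.12", now + 4)]
    flood = [("192.0.2.10", now + 61)] + [
        (f"203.0.113.{i}", now + 61 + i) for i in range(1, 21)]
    return monitor, monitor.detect(normal), monitor.detect(flood)


if __name__ == "__main__":
    _, normal, flood = demo()
    print("normal interval:", normal)
    print("flood interval: ", flood)
```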
