Downloads: 115 | Views: 350
Research Paper | Computer Science & Engineering | India | Volume 2 Issue 4, April 2013 | Popularity: 6.7 / 10
Efficient Framework to Mitigate DDoS Attacks and Response System
Saravanan S, P.Siva kumar
Abstract: A Distributed Denial-of-Service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users. The nature of the threats posed by DDoS attacks on large networks, such as the Internet, demands effective detection and response methods. These methods must be deployed not only at the edge but also at the core of the network. This paper presents methods to identify DDoS attacks by computing entropy and frequency-sorted distributions of selected packet attributes. The DDoS attacks show anomalies in the characteristics of the selected packet attributes. The detection accuracy and performance are analyzed using live traffic traces from a variety of network environments ranging from points in the core of the Internet to those inside an edge network. The results indicate that these methods can be effective against current attacks and suggest directions for improving detection of more stealthy attacks. We also describe our detection-response prototype and how the detectors can be extended to make effective response decisions.
Keywords: Distributed Denial of Service, Entropy, Edge network, Stealthy Attacks
Edition: Volume 2 Issue 4, April 2013
Pages: 386 - 391
Please Disable the Pop-Up Blocker of Web Browser
Verification Code will appear in 2 Seconds ... Wait