Downloads: 115 | Views: 172

Research Paper | Computer Science & Engineering | India | Volume 2 Issue 4, April 2013

Efficient Framework to Mitigate DDoS Attacks and Response System

Abstract: A Distributed Denial-of-Service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users. The nature of the threats posed by DDoS attacks on large networks, such as the Internet, demands effective detection and response methods. These methods must be deployed not only at the edge but also at the core of the network. This paper presents methods to identify DDoS attacks by computing entropy and frequency-sorted distributions of selected packet attributes. The DDoS attacks show anomalies in the characteristics of the selected packet attributes. The detection accuracy and performance are analyzed using live traffic traces from a variety of network environments ranging from points in the core of the Internet to those inside an edge network. The results indicate that these methods can be effective against current attacks and suggest directions for improving detection of more stealthy attacks. We also describe our detection-response prototype and how the detectors can be extended to make effective response decisions.

Keywords: Distributed Denial of Service, Entropy, Edge network, Stealthy Attacks

Edition: Volume 2 Issue 4, April 2013,

Pages: 386 - 391

How to Download this Article?

Type Your Valid Email Address below to Receive the Article PDF Link

Verification Code will appear in 2 Seconds ... Wait

Efficient Framework to Mitigate DDoS Attacks and Response System

Similar Articles with Keyword 'Entropy'

Noise Analysis and Removal Using Fuzzy Mean Filter with Triangular Membership Function

Medical Image Compression Using ISPIHT & JPEG2000 Hybrid