A Distributed Denial of Service attack is coordinated and synchronized set of comprehensive attacks on a sophisticated network and its services that hampers the network infrastructure thereby bringing down its performance. Its effects are characterized by the uninformed delays and interruptions accompanied by undue losses. Since no optimal methodology exists, the internet continues to remain susceptible to DDoS attacks. The PacketScore scheme is a practical DDoS defense mechanism, which approximates the authenticity of the packets concerning its attribute values and discards selective attack packets. This paper extends the PacketScore scheme and implements a new two-level filtering mechanism using Leaky Bucket that can lessen the losses created by the attacks. The proposed scheme validates the data signatures of the packets complementing the check performed on the packet header. This two-level scrutiny enhances the correctness of detection of DDoS attacks. A standard model to review the efficiency of the two-level filtering has been proposed and the scheme has been deployed and tested in ANTS active network tool kit. The implementation of the proposed scheme is easy let alone efficient and effective in DDoS attack detection with an accurate response to varying DDoS attacks.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.