An Effective Defense Against Distributed Denial of Service in GRID

Venkatesu, N.; Chakravarthy, Vasu; Sathya, D.

doi:10.1109/icetet.2008.155

Cited by 4 publications

(1 citation statement)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example filtering each packet some traffic pattern and IP history and reject suspected packets. [12][13][14] [15]. Trust based model to mitigate active attacks is suggested by N. Bhalaji, Dr. A. Shanmugam [25].…”

Section: Quality Of Service Issuesmentioning

confidence: 99%

A Dynamic Bandwidth Assignment Approach Under DDoS Flood Attack

Singh¹,

Verma²

2012

JAIT

View full text Add to dashboard Cite

Distributed denial-of-service (DDoS) attacks are a major threat to the Internet. A lot of research is going on to detect, prevent and trace back DDoS attacks. Most of researchers are busy in post attack forensics which comes after the attack has been occurred but nobody is talking about how to design a system which can tolerate such attacks. In this paper we have suggested a approach for dynamic assignment of bandwidth in order to sustain the server. Basic idea is to examine genuine IP user’s traffic flow based on volume. Divide traffic in two categories of genuine traffic and malicious traffic and assign bandwidth as per category. The idea is to design a system which can give services even when the server is under attack. However some performance will degrades but overall Quality of services will be acceptable. A new formula also has been derived for dynamic bandwidth assignment which is based on number of genuine users and traffic volumes of users and attackers.

show abstract

Section: Quality Of Service Issuesmentioning

confidence: 99%

A Dynamic Bandwidth Assignment Approach Under DDoS Flood Attack

Singh¹,

Verma²

2012

JAIT

View full text Add to dashboard Cite

show abstract

Repeatedly Coding Inter-Packet Delay for Tracking Down Network Attacks

Yu¹,

Zhang²,

Tan³

et al. 2020

Int J Performability Eng

View full text Add to dashboard Cite

Enhancement of the Detection of the TCP SYN Flooding (DDoS) Attack

Ali¹,

Ibraheem²,

Ahmad³

2023

jcoeng

View full text Add to dashboard Cite

The major of DDoS attacks use TCP protocol and the TCP SYN flooding attack is the most common one among them. The SYN Cookie mechanism is used to defend against the TCP SYN flooding attack. It is an effective defense, but it has a disadvantage of high calculations and it doesn’t differentiate spoofed packets from legitimate packets. Therefore, filtering the spoofed packet can effectively enhance the SYN Cookie activity. Hop Count Filtering (HCF) is another mechanism used at the server side to filter spoofed packets. This mechanism has a drawback of being not a perfect and final solution in defending against the TCP SYN flooding attack. An enhanced mechanism of Integrating and combining the SYN Cookie with Hop Count Filtering (HCF) mechanism is proposed to protect the server from TCP SYN flooding. The results show that the defense against SYN flood DDoS attack is enhanced, since the availability of legitimate packets is increased and the time of SYN Cookie activity is delayed.

show abstract

An Effective Defense Against Distributed Denial of Service in GRID

Cited by 4 publications

References 6 publications

A Dynamic Bandwidth Assignment Approach Under DDoS Flood Attack

A Dynamic Bandwidth Assignment Approach Under DDoS Flood Attack

Repeatedly Coding Inter-Packet Delay for Tracking Down Network Attacks

Enhancement of the Detection of the TCP SYN Flooding (DDoS) Attack

Contact Info

Product

Resources

About