Distributed Denial of Service Prevention Techniques

Gupta, Brij B.; Joshi, R. C.; Misra, Manoj

doi:10.7763/ijcee.2010.v2.148

Cited by 41 publications

(28 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This software will continuously monitoring the TCP three-way handshake messages before the server reply. Router-based distributed packet filtering (DPF) mechanism [17] exploits routing information to determine if a packet arriving at the router is valid with respect to its inscribed source/destination addresses.…”

Section: IVmentioning

confidence: 99%

See 1 more Smart Citation

Performance comparison of defense mechanisms against TCP SYN flood DDoS attack

Kolahi

Alghalbi

Alotaibi

et al. 2014

2014 6th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)

View full text Add to dashboard Cite

show abstract

Section: IVmentioning

confidence: 99%

“…TCP SYN Flood attack is investigated in this paper. TCP SYN Flooding has remained one of the most destructive attack since September 1996; numerous sites on the internet have been effected by a TCP SYN Flood denial of service attack, prevalently termed SYN Flooding [2].…”

Section: Introductionmentioning

confidence: 99%

Performance comparison of defense mechanisms against TCP SYN flood DDoS attack

Kolahi

Alghalbi

Alotaibi

et al. 2014

2014 6th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)

View full text Add to dashboard Cite

show abstract

“…BGP routing information is used by RPF to filter traffic with spoofed source addresses. However, the filtering granularity of RPF is low [18].…”

Section: Related Workmentioning

confidence: 99%

Two level Authentication and Packet Marking Mechanism for Defending against DoS and DDoS Attacks

Ananthi¹,

Balasubramanie²

2013

IJCA

View full text Add to dashboard Cite

Denial of Service (DoS) attacks present a serious problem for Internet communications. IP source address spoofing is used by DoS and DDoS attacks on targeted victim. IP spoofing to forge the source IP address of the packet, and thereby hide the identity of source. This makes hard to detect and defend against such attack. This paper presents a token based authentication and Packet Marking mechanism (TAPM) for preventing IP spoofing. TAPM uses efficient public key cryptography to issue tokens and hash based cryptography for packet marking. It does not require changes or restrictions to the Internet routing protocol, is incrementally deployable, and offers protection from denial-of-service attacks based on IP spoofing. This paper presents efficient algorithm for token generation and evaluates its feasibility and correctness by simulation experiments.

show abstract

“…As a result, it creates network congestion on the target, thus disrupting its normal Internet operation [1].…”

Section: Introductionmentioning

confidence: 99%

Analysis of UDP DDoS flood cyber attack and defense mechanisms on Web Server with Linux Ubuntu 13

Kolahi

Treseangrat

Sarrafpour

2015

2015 International Conference on Communications, Signal Processing, and Their Applications (ICCSPA'15)

View full text Add to dashboard Cite

Abstract-Denial of Service (DoS) attacks is one of the major threats and among the hardest security problems in the Internet world. Of particular concern are Distributed Denial of Service (DDoS) attacks, whose impact can be proportionally severe. With little or no advance warning, an attacker can easily exhaust the computing resources of its victim within a short period of time. In this paper, we study the impact of a UDP flood attack on TCP throughput, round-trip time, and CPU utilization for a Web Server with the new generation of Linux platform, Linux Ubuntu 13. This paper also evaluates the impact of various defense mechanisms, including Access Control Lists (ACLs), Threshold Limit, Reverse Path Forwarding (IP Verify), and Network Load Balancing. Threshold Limit is found to be the most effective defense.

show abstract

Distributed Denial of Service Prevention Techniques

Cited by 41 publications

References 23 publications

Performance comparison of defense mechanisms against TCP SYN flood DDoS attack

Performance comparison of defense mechanisms against TCP SYN flood DDoS attack

Two level Authentication and Packet Marking Mechanism for Defending against DoS and DDoS Attacks

Analysis of UDP DDoS flood cyber attack and defense mechanisms on Web Server with Linux Ubuntu 13

Contact Info

Product

Resources

About