CFP last date
21 October 2024
Reseach Article

DDoS Traffic Verification Algorithm for Legitimate Clients Identification in Distributed Denial of Service (DDoS) Attacks

by S. K. Lavanya, B. Vinothkumar
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 50 - Number 4
Year of Publication: 2012
Authors: S. K. Lavanya, B. Vinothkumar
10.5120/7763-0836

S. K. Lavanya, B. Vinothkumar . DDoS Traffic Verification Algorithm for Legitimate Clients Identification in Distributed Denial of Service (DDoS) Attacks. International Journal of Computer Applications. 50, 4 ( July 2012), 34-37. DOI=10.5120/7763-0836

@article{ 10.5120/7763-0836,
author = { S. K. Lavanya, B. Vinothkumar },
title = { DDoS Traffic Verification Algorithm for Legitimate Clients Identification in Distributed Denial of Service (DDoS) Attacks },
journal = { International Journal of Computer Applications },
issue_date = { July 2012 },
volume = { 50 },
number = { 4 },
month = { July },
year = { 2012 },
issn = { 0975-8887 },
pages = { 34-37 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume50/number4/7763-0836/ },
doi = { 10.5120/7763-0836 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:47:28.881715+05:30
%A S. K. Lavanya
%A B. Vinothkumar
%T DDoS Traffic Verification Algorithm for Legitimate Clients Identification in Distributed Denial of Service (DDoS) Attacks
%J International Journal of Computer Applications
%@ 0975-8887
%V 50
%N 4
%P 34-37
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Distributed Denial of Service (DDoS) attacks have become a major threat to the stability of the internet and there is no satisfactory solution yet. These attacks are familiar threats to internet users for more than 10 years. Such attacks are carried out by a "bot-net", an army of zombie hosts spread around the internet, that overwhelm the bandwidth toward their victim web server, by sending traffic upon command. This paper introduces traffic verification algorithm is especially designed to protect the victim server from the harm attacks and legitimate clients are identified in an effective manner. The legitimate clients are maintained in a separate list called "whitelist" and it will be refreshed frequently. So the attacker can't spoof the legitimate client addresses. The simulation result shows that the legitimate clients are maintained in an effective manner.

References
  1. B. B. Gupta, R. C. Joshi and M. Misra, Distributed Denial of Service prevention techniques, in: International Journal of Computer and Electrical Engineering, Vol. 2, No. 2, April 2010, 1793-8163.
  2. K. Kumar, R. C. Joshi, K. Singh, An Integrated Approach for Defending against Distributed Denial of Service (DDoS) attacks, in: iriss, 2006, IIT Madras.
  3. Jin, C. Wang, H. Kang, G. , Hop-Count filtering: An Effective Defense against spoofed traffic, in: IEEE transaction on Dependable & Secure Computing, 2004.
  4. Lipson, H. F. , Tracking and Tracing Cyber attacks: Technical Challenges and Global policy issues, in: CMU/SEI-2002-SR-009, November 2002.
  5. L. Garber. Denial-of-service attacks rip the Internet. In IEEE Computer, volume 33, April 2000.
  6. G. Virgil. On denial of service in computer networks. In Proceedings of International Conference on Data Engineering, pages 608– 617, February 1986.
  7. J. Howard. An Analysis of Security Incidents on the Internet. PhD thesis, Carnegie Mellon University, August 1998.
  8. Jaeyeon Jung, Balachander Krishnamurthy, and Michael Rabinovich. Flash crowds and denial of service attacks: Characterization and Implications for CDNs and web sites. In The Eleventh International World Wide Web Conference (WWW 11), May 2002.
  9. David Moore, Geoffrey Voelker, and Stefan Savage. Inferring Internet denial of service activity. In Proceedings the 10th USENIX, Security Symposium, Washington, D. C. , August 2001. USENIX.
  10. P. Ferguson and D. Senie. Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing. RFC 2267, January 1998.
  11. D. Bernstein. Syn cookies. http://cr. yp. to/syncookies. html, 1996.
  12. J. Ioannidis and S. M. Bellovin. Implementing pushback: Router-based defense against DDoS. In Proceedings of Network and Distributed System Security Symposium, 2002.
  13. K. Argyraki and D. R. Cheriton. Active internet traffic filtering: Real-time response to denial-of-service attacks. In USENIX Annual Technical Conference, 2005.
  14. S. M. Specht and R. B. Lee, Distributed Denial of Service: Taxonomies of Attacks, Tools and Countermeasures, Proc. PDCS 2004.
  15. Simpson, S. , Lindsay, A. T. , Hutchison, D. : Identifying Legitimate Clients under Distributed Denial-of-Service Attacks. In Network and System Security (NSS). IEEE, 2010.
  16. D. Garg, DDoS Mitigation Techniques-A Survey, International Conference on Advanced Computing, Communication and Networks 2011.
  17. L. Cook, W. G. Morein, A. D. Keromytis, V. Misra, and D. Rubenstein, "WebSOS: Protecting Web Servers from DDoS attacks," Proceedings of the 11th IEEE International Conference on Networks (ICON 2003), September 2003, pp. 455-460.
Index Terms

Computer Science
Information Sciences

Keywords

Distributed Denial of Service (DDoS) botnet zombie