Research Article
Attack Prevention and Attack Detection Strategies by Comparing different DDos Models
|
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
|
| Volume 129 - Issue 14 |
| Published: November 2015 |
| Authors: Siva Balaji Yadav C., R. Seshadri |
10.5120/ijca2015907094
|
Siva Balaji Yadav C., R. Seshadri . Attack Prevention and Attack Detection Strategies by Comparing different DDos Models. International Journal of Computer Applications. 129, 14 (November 2015), 24-27. DOI=10.5120/ijca2015907094
@article{ 10.5120/ijca2015907094,
author = { Siva Balaji Yadav C.,R. Seshadri },
title = { Attack Prevention and Attack Detection Strategies by Comparing different DDos Models },
journal = { International Journal of Computer Applications },
year = { 2015 },
volume = { 129 },
number = { 14 },
pages = { 24-27 },
doi = { 10.5120/ijca2015907094 },
publisher = { Foundation of Computer Science (FCS), NY, USA }
}
%0 Journal Article
%D 2015
%A Siva Balaji Yadav C.
%A R. Seshadri
%T Attack Prevention and Attack Detection Strategies by Comparing different DDos Models%T
%J International Journal of Computer Applications
%V 129
%N 14
%P 24-27
%R 10.5120/ijca2015907094
%I Foundation of Computer Science (FCS), NY, USA
Abstract
DDoS attacks are launched with the intention of depleting the network and server resources. The proposed work identifies that the malice behavior of the nodes requesting service and the malice nature of the traffic are the two major issues to be addressed. Accordingly, the defense framework employs attack avoidance methods, attack prevention model and attack detection strategies to be deployed in each autonomous system (AS). A way of avoiding attacks is to ensure that attacks may not exploit the vulnerabilities. This is achieved in this work through enhanced anti-spoofing techniques that resolve insider attacks, and a differentiated routing based on traffic classification.
References
- Gil, T. M., and Poletter, M. (2001). Multops : a data-structure for bandwidth attack detection. Proceedings of US ENIX Security Symposium . USENIX Press, Berkeley, CA.
- Mahajan, R., Bellovin, S. M., Floyd, S., Ioannidi s, J., Paxson, V., and Shenker, S. (2002). Controlling high bandwidth aggregates in the network. ACM SIGCOMM Computer Communications Review , 32(3), 62-73.
- Li, J., Mirkovic, J., Wang, M., Reiher, P ., and Zhang, L. (2002). Save: source address validity enforcement protocol. Proceedings of IEEE Infocom , 3, 1557-1566. IEEE Press, New York.
- Gu, Q., Liu, P., and Chu, C. (2004). Tactical bandwidth exhaustion in ad hoc networks. Proceedings of the 5th Annual I EEE Information Assurance Workshop , 257-264. IEEE Press, New York.
- Zhang, R., and Chen, K. (2005). Improvements on the WTLS protocol to avoid denial of service attacks. Computers & Security , Vol. 24(1), pp. 76-82.
- Gu, Q., Liu, P., Zhu, S., and Chu, C. H. (2005) . Defending against packet injection attacks in unreliable ad hoc networks. Proceedings of IEEE Globecom . IEEE Press, New York.
- Aljifri, H., Smets, M., and Pons A. (2003). IP Traceback using header compression. Computers & Security , Vol. 22(2), pp. 136-151.
- V. Yegneswaran, P. Barford, and J. Ullrich. (2003) Internet intrusions: Global characteristics and prevalence. In In Proceedings of the 2003 ACM SIGMETRICS International conference on Measurement and Modeling of Computer Systems, pages 138-147.
- Y. L. Zheng and J. Leiwo. (1997)A Method to Implement a Denial of Service Protection Base. In Information Security and Privacy , volume 1270 of LNCS, pages 90-101.
- F. Lau, S. H. Rubin, M. H. Smith, and L. Trajkovic. (2000.) Distributed Denial of Service Attacks. InIEEE International Conference on Systems, Man, and Cybernetics , pages 2275-2280, Nashville, TN, USA.
- S. Savage, D. Wetherall, A. Karlin, and T. Anderson. (2000) Practical Network Support for IP Traceback. In Proceedings of ACM SIGCOMM.
Index Terms
Keywords