A UNIFIED APPROACH FOR DETECTION AND PREVENTION OF DDOS ATTACKS USING ENHANCED SUPPORT VECTOR MACHINES AND FILTERING MECHANISMS
Journal: ICTACT Journal on Communication Technology (IJCT) (Vol. 4, No. 2)
Publication Date: 2013-06-01
Authors : T. Subbulakshmi; P. Parameswaran; C. Parthiban; M. Mariselvi; J. Adlene Anusha; G. Mahalakshmi
Page : 737-743
Keywords : DDoS Attacks; Lanchester Linear Law; Enhanced Support Vector Machines; Rate Based Limiting; History Based IP Filtering;
Abstract
Distributed Denial of Service (DDoS) attacks are considered to be a tremendous threat to the current information security infrastructure. During a DDoS attack, multiple malicious hosts recruited by the attackers launch a coordinated attack against one host or a victim network, which causes denial of service to legitimate users. The existing techniques suffer from a larger number of false alarms and require more human intervention for attack detection. The objective of this paper is to monitor the network online, automatically initiating the detection mechanism if there is any suspicious activity, and also to defend against the attacking hosts reaching the network. Both spoofed and non-spoofed IPs are detected in this approach. Non-spoofed IPs are detected using Enhanced Support Vector Machines (ESVM) and spoofed IPs are detected using the Hop Count Filtering (HCF) mechanism. The detected IPs are maintained separately to initiate the defense process. The attack strength is calculated using Lanchester Law, which initiates the defense mechanism. Based on the calculated attack strength, one of the defense schemes, Rate based limiting or History based IP filtering, is automatically initiated to drop the packets from the suspected IP. The integrated online monitoring approach for detection and defense of DDoS attacks is deployed in an experimental testbed. The online approach is found to be obvious in the field of integrated DDoS detection and defense.
Last modified: 2013-12-06 13:45:52