Use of Honeypot and IP Tracing Mechanism for Prevention of DDOS Attack

A DDoS attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet. Everybody has been hacked one way or another when dealing with computers. DDoS attackers hijack secondary victim systems using them to wage a coordinated large-scale attack against primary victim systems. These attacks are not easily detected. One of the main difficulties in the detection and prevention of Distributed Denial of Service (DDoS) attacks is That the incoming packets cannot be traced back to the source of the attack, because (typically) they contain invalid or spoofed source IP address. For that reason, a victim system cannot determine whether an incoming packet is part of a DDoS attack or belongs to a legitimate user. Various methods have been proposed to solve the problem of IP traceback for large packet flows. As new approach is developed to prevent DDoS attacks, attackers are constantly developing new methods to attack the system. In this paper we describe prevention mechanism of HoneyBOT software to find the intruder IP and trace the IP. Those IP we have prevent via advanced firewall rules in duration of attacking. These approaches illustrate similarities and patterns in different DDoS prevention mechanism, to assist in the development of more generalized solutions to DDoS solution.