Two Layer Defending Mechanism against DDoS Attacks

Two Layer Defending Mechanism against DDoS Attacks

Kiruthika Subramain, Preetha Gunasekaran, and Mercy Selvaraj

Department of Computer Science and Engineering, Thiagarajar College of Engineering,

Affiliated to Anna University, India

Abstract: Distributed Denial of Service (DDoS) attackers make a service unavailable for intended users. Attackers use IP spoofing as a weapon to disguise their identity. The spoofed traffic follows the same principles as normal traffic, so detection and filtering is very essential.  Hop-Count Filtering (HCF) scheme identifies packet whose source IP address is spoofed. The  information  about  a  source  IP  address  and  its  corresponding  hops  from  a  server (victim) recorded in a table at the victim. The incoming packet is checked against this table for authenticity. The design of IP2HC table reduces the amount of storage space by IP address clustering. The proposed work filters majority of the spoofed traffic by HCF-SVM algorithm on the network layer.  DDoS attackers using genuine IP is subjected to traffic limit at the Application layer. The two layer defense approach protects legitimate traffic from being denied, thereby mitigating DDoS effectively. HCF - SVM model yields 98.99% accuracy with reduced false positive rate and the rate limiter punishes the aggressive flows and provides sufficient bandwidth for legitimate users without any denial of service. The implementation of the proposed work is carried out on an experimental testbed.

 Keywords: DDoS, hop-count, IP2HC table, clustering, IP spoofing, testbed.

 Received November 9, 2012; acceped April 29, 2013

Full Text

 

 

Read 2164 times Last modified on Sunday, 19 August 2018 04:54
Share
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…