i-manager Publications

A Classification of DDoS Attacks and its Approach for Attack Prevention

M. Chaitanya Kishore Reddi*, Sunil Kumawath**, T. Gowtham Sai Krishna***, T.M. Sneha****

* Assistant Professor, Department of Computer Science and Engineering, St. Peter’s Engineering College, Hyderabad, India.

**-**** Scholar, Department of Computer Science and Engineering, St. Peter’s Engineering College, Hyderabad, India.

Periodicity:June - August'2017
DOI : https://doi.org/10.26634/jcom.5.2.13903

Abstract

Currently, distributed denial of service attack (DDoS) is a very serious threat in the internet. Large number of packets are send to a victim to jam the traffic so that the attacker can use the data of the victim. Various attack methods, its mechanisms, flooding attacks etc (Mirkovic and Reiher, 2005) are briefed in this paper. The scopes of DDOS attacks, measures and solutions to the attacks are hereby explored with effectiveness in various attack scenarios. A Distributed Denial-of-Service (DDoS) attack is an attack where the perpetrator uses more than one unique IP address, often thousands of them. Attacks may involve forging sender's Internet Protocol (IP) addresses (IP address spoofing) as an alternative or augmentation of DDoS, making it difficult to identify and defeat the attack. For specific targeted purposes, including disrupting transactions and accessing databases, an application layer DDoS attack is done, which requires less resource and often accompanies network layer attacks.

Keywords

DDoS Attacks, Flooding Attack, Classifications, Tools, Algorithms

How to Cite this Article?

Reddy, M.C.K., Kumawath, S., Krishna, T.G.S., and Sneha, T.M. (2017). A Classification of DDoS Attacks and its Approach for Attack Prevention. i-manager’s Journal on Computer Science, 5(2), 1-7. https://doi.org/10.26634/jcom.5.2.13903

References

[1]. Alomari, E., Manickam, S., Gupta, B. B., Karuppayah, S., & Alfaris, R. (2012). Botnet-based Distributed Denial of Service (DDoS) Attacks on Web servers: Classification and Art. Cornel University Library.

[2]. Bellovin, S. M. & Gont, F. (2012). Defending against sequence number attacks. RFC 1948.

[3]. Bhuyan, M. H., Kashyap, H. J., Bhattacharyya, D. K., & Kalita, J. K. (2013). Detecting distributed denial of service attacks: methods, tools and future directions. The Computer Journal, 57(4), 537-556.

[4]. Chang, R. K. (2002). Defending against floodingbased distributed denial-of-service attacks: a tutorial. IEEE Communications Magazine, 40(10), 42-51.

[5].Cohen, M. L. & Kuykendall, D. A. (2011). Prevention of distributed denial of service attacks. U.S. Patent Application No. 12/889, 322.

[6]. Dittrich, D. (1999). The DoS Project's 'trinoo' distributed denial of service attack tool

[7]. Ferguson, P. & Senie, D. (2000). Network Ingress Filtering: Defeating Denial of service Attacks which Employ IP Source Address Spoofing. RFC 2827.

[8]. Garg, A. & Reddy, A. L. N. (2002). Mitigation of DoS attacks through QoS Regulation. In Proceedings of IWQOS workshop.

[9]. Gavrilis, D. & Dermatas, E. (2005). Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features. Computer Networks, 48(2), 235- 245.

[10]. Hashmi, M. J., Saxena, M., & Saini, R. (2012). Classification of DDoS attacks and their defense techniques using intrusion prevention system. International Journal of Computer Science & Communication Networks, 2(5), 607-614.

[11]. Iumatti-Lodewyk, V. (2015). A meta-synthesis of micro facial expression literature and the legal system (Doctoral dissertation, Alaska Pacific University).

[12]. Lau, F., Rubin, S. H., Smith, M. H., & Trajkovic, L. (2000). Distributed denial of service attacks. In Systems, Man, and Cybernetics, 2000 IEEE International Conference on (Vol. 3, pp. 2275-2280). IEEE.

[13]. Leiwo, J. & Zheng, Y. (1997, July). A method to implement a denial of service protection base. In Australasian Conference on Information Security and Privacy (pp. 90-101). Springer, Berlin, Heidelberg.

[14]. Mirkovic, J. & Reiher, P. (2004). A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Computer Communication Review, 34(2), 39-53.

[15]. Mirkovic, J. & Reiher, P. (2005). D-WARD: a sourceend defense against flooding denial-of-service attacks. IEEE transactions on Dependable and Secure Computing, 2(3), 216-232.

[16]. Paxson, V. (2001). An analysis of using reflectors for distributed denial-of-service attacks. ACM SIGCOMM Computer Communication Review, 31(3), 38-47.

[17]. Peng, T., Leckie, C., & Ramamohanarao, K. (2007). Sur vey of network-based defense mechanisms countering the DoS and DDoS problems. ACM Computing Surveys (CSUR), 39(1), 3.

[18]. Prier, G. K. (2003). IDward: Implementing DWard on the IXP (Doctoral dissertation, University of California, Los Angeles).

[19]. Solms, R. V. & Niekerk, J. V. (2013). From information security to cyber security. Computers & Security, 38, 97- 102.

[20]. Spatscheck, O. & Peterson, L. L. (1999, February). Defending against denial of service attacks in Scout. In OSDI (Vol. 99, pp. 59-72).

[21]. Zargar, S. T., Joshi, J., & Tipper, D. (2013). A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Communications Surveys & Tutorials, 15(4), 2046-2069.

A Classification of DDoS Attacks and its Approach for Attack Prevention

Abstract

Keywords

How to Cite this Article?

References

If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Options for accessing this content:

	North Americas,UK, Middle East,Europe		India	Rest of world
	USD	EUR	INR	USD-ROW
Pdf	35	35	200	20
Online	35	35	200	15
Pdf & Online	35	35	400	25