Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

A System for Distributed Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis


Affiliations
1 Department of CSE, Loyola Institute of Technology and Science, India
     

   Subscribe/Renew Journal


A Computer Network is a telecommunication network that allows computers to exchange data. In computer networks, networked computing devices (network nodes) pass data to each other data connections. The connections between nodes are established using either cable media or wireless media. A Major security problem is the Distributed Denial of Service (DDoS). In the existing system there is no protection of end-users and only one server was used and due to this many data's has been lost. This is the drawback in the existing system. In the proposed system, the problem caused due to DDoS attacks has been addressed and a novel Intrusion Prevention System (IPS) named as collaborative shield for detecting DDoS flooding attacks has been proposed The collaborative shield is located at the Internet Service Provider (ISP) and it uses increasing number of servers and packet splitting protocol for sending data through different networks. The collaborative shield forms virtual protection rings around the hosts by exchanging the selected traffic information. The proposed system addresses the disadvantages stated in the existing systems and overcomes the problems in terms of packet loss, considerable time delay, traffic problem and security problem.
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target system in an attempt to consume enough server resources to make system unresponsive to legitimate traffic. SYN flood attacks still dominate distributed denial of service attacks. It is a great challenge to accurately detect the SYN flood attacks which utilise skillful spoofs to evade traditional detection methods. An intelligent attacker would evade the public detection methods by suitably spoofing the attack to appear. Keeping Per-flow or per-connection state would eliminate such a spoofing. But meanwhile, it is very difficult to be implemented. A more accurate and fast detection method, named SACK2, is proposed to deal with all kinds of SYN flood attacks with limited implementation costs.

Keywords

Collaboration, Detection, Distributed Denial of Service (DDoS), Flooding, Network Security.
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 257

PDF Views: 3




  • A System for Distributed Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis

Abstract Views: 257  |  PDF Views: 3

Authors

S. Gopika
Department of CSE, Loyola Institute of Technology and Science, India
I. Diana Jeba Jingle
Department of CSE, Loyola Institute of Technology and Science, India

Abstract


A Computer Network is a telecommunication network that allows computers to exchange data. In computer networks, networked computing devices (network nodes) pass data to each other data connections. The connections between nodes are established using either cable media or wireless media. A Major security problem is the Distributed Denial of Service (DDoS). In the existing system there is no protection of end-users and only one server was used and due to this many data's has been lost. This is the drawback in the existing system. In the proposed system, the problem caused due to DDoS attacks has been addressed and a novel Intrusion Prevention System (IPS) named as collaborative shield for detecting DDoS flooding attacks has been proposed The collaborative shield is located at the Internet Service Provider (ISP) and it uses increasing number of servers and packet splitting protocol for sending data through different networks. The collaborative shield forms virtual protection rings around the hosts by exchanging the selected traffic information. The proposed system addresses the disadvantages stated in the existing systems and overcomes the problems in terms of packet loss, considerable time delay, traffic problem and security problem.
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target system in an attempt to consume enough server resources to make system unresponsive to legitimate traffic. SYN flood attacks still dominate distributed denial of service attacks. It is a great challenge to accurately detect the SYN flood attacks which utilise skillful spoofs to evade traditional detection methods. An intelligent attacker would evade the public detection methods by suitably spoofing the attack to appear. Keeping Per-flow or per-connection state would eliminate such a spoofing. But meanwhile, it is very difficult to be implemented. A more accurate and fast detection method, named SACK2, is proposed to deal with all kinds of SYN flood attacks with limited implementation costs.

Keywords


Collaboration, Detection, Distributed Denial of Service (DDoS), Flooding, Network Security.