Networking and Communication Engineering

R. Rathika
Sri Ramakrishna Engineering College, Coimbatore-22, India

B. Dharanya
Sri Ramakrishna Engineering College, Coimbatore -22, India

K. Kiruthika Devi
Sri Ramakrishna Engineering College, Coimbatore-22, India

Abstract

Distributed Denial of Service (DDoS) attacks is flattering ever more challenging with the vast resources and techniques increasingly available to attackers. Distributed Denial of Service (DDoS) attacks constitutes one of the most important threats and among the hardest security problems in today's Internet of particular concern are Distributed Denial of Service (DDoS) attacks, whose collision can be proportionally severe. In this paper, consider sophisticated attacks that are protocol-compliant, non-intrusive, and utilize legitimate application-layer requests to overwhelm system resources. I have characterize application-layer resource attacks as either request flooding, asymmetric, or repeated one-shot, on the basis of the application workload parameters that they exploit. To protect servers from these attacks, propose a counter-mechanism that consists of a suspicion assignment mechanism and a DDoS-resilient scheduler, DDoS Shield. In contrast to prior work, our distrust mechanism assigns a continuous valued vs. binary measure to each client session, and the scheduler utilizes these values to determine if and when to schedule a session’s requests. Using tested experiments on a web application, demonstrate the strength of these resource attacks and evaluate the efficiency of our counter-mechanism. For instance, affect an asymmetric attack which overwhelms the server resources, increasing the response time of legitimate clients from 0.1 seconds to 10 seconds. Under the same attack scenario, DDoS Shield limits the effects of false-negatives and false-positives and improves the victims’ performance to 0.8 seconds.

Keywords