Open Access
Subscription Access
Open Access
Subscription Access
A Unified Approach for Detection and Prevention of DDOS Attacks Using Enhanced Support Vector Machines and Filtering Mechanisms
Subscribe/Renew Journal
Distributed Denial of Service (DDoS) attacks were considered to be a tremendous threat to the current information security infrastructure. During DDoS attack, multiple malicious hosts that are recruited by the attackers launch a coordinated attack against one host or a network victim, which cause denial of service to legitimate users. The existing techniques suffer from more number of false alarms and more human intervention for attack detection. The objective of this paper is to monitor the network online which automatically initiates detection mechanism if there is any suspicious activity and also defense the hosts from being arrived at the network. Both spoofed and non spoofed IP's are detected in this approach. Non spoofed IP's are detected using Enhanced Support Vector Machines (ESVM) and spoofed IP's are detected using Hop Count Filtering (HCF) mechanism. The detected IP's are maintained separately to initiate the defense process. The attack strength is calculated using Lanchester Law which initiates the defense mechanism. Based on the calculated attack strength any of the defense schemes such as Rate based limiting or History based IP filtering is automatically initiated to drop the packets from the suspected IP. The integrated online monitoring approach for detection and defense of DDoS attacks is deployed in an experimental testbed. The online approach is found to be obvious in the field of integrated DDoS detection and defense.
Keywords
DDoS Attacks, Lanchester Linear Law, Enhanced Support Vector Machines, Rate Based Limiting, History Based IP Filtering.
Subscription
Login to verify subscription
User
Font Size
Information
Abstract Views: 293
PDF Views: 0