
A Unified Approach for Detection and Prevention of DDOS Attacks Using Enhanced Support Vector Machines and Filtering Mechanisms


Affiliations
1 Department of Information Technology, Sethu Institute of Technology, India
2 Tata Consultancy Services, India
3 Department of Computer Science and Engineering, Thiagarajar College of Engineering, India
     



Distributed Denial of Service (DDoS) attacks were considered to be a tremendous threat to the current information security infrastructure. During a DDoS attack, multiple malicious hosts recruited by the attackers launch a coordinated attack against a single host or a victim network, which causes denial of service to legitimate users. The existing techniques suffer from a large number of false alarms and need more human intervention for attack detection. The objective of this paper is to monitor the network online, automatically initiate the detection mechanism if there is any suspicious activity, and prevent the offending hosts from reaching the network. Both spoofed and non-spoofed IPs are detected in this approach. Non-spoofed IPs are detected using Enhanced Support Vector Machines (ESVM) and spoofed IPs are detected using the Hop Count Filtering (HCF) mechanism. The detected IPs are maintained separately to initiate the defense process. The attack strength is calculated using Lanchester Law, which initiates the defense mechanism. Based on the calculated attack strength, one of the defense schemes, such as rate-based limiting or history-based IP filtering, is automatically initiated to drop the packets from the suspected IP. The integrated online monitoring approach for detection and defense of DDoS attacks is deployed in an experimental testbed. The online approach is found to be obvious in the field of integrated DDoS detection and defense.

Keywords

DDoS Attacks, Lanchester Linear Law, Enhanced Support Vector Machines, Rate Based Limiting, History Based IP Filtering.

Authors

T. Subbulakshmi
Department of Information Technology, Sethu Institute of Technology, India
P. Parameswaran
Tata Consultancy Services, India
C. Parthiban
Tata Consultancy Services, India
M. Mariselvi
Department of Computer Science and Engineering, Thiagarajar College of Engineering, India
J. Adlene Anusha
Department of Computer Science and Engineering, Thiagarajar College of Engineering, India
G. Mahalakshmi
Department of Computer Science and Engineering, Thiagarajar College of Engineering, India
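
The abstract names Hop Count Filtering (HCF) as the detector for spoofed IPs. The sketch below shows the generally published form of that technique as an added example; it is not the paper's code. The initial-TTL list, `MAX_HOPS`, the tolerance, all class and function names, and the sample addresses and TTLs are assumptions constructed for illustration.

```python
# Added illustration of Hop Count Filtering (HCF); not the paper's implementation.
# Assumed: common OS initial TTLs, a 30-hop path limit, and a 1-hop tolerance.
INITIAL_TTLS = (30, 32, 60, 64, 128, 255)
MAX_HOPS = 30


def hop_candidates(observed_ttl):
    """Return every plausible hop count for a received TTL.

    The sender's initial TTL is not visible, so each common initial value
    that yields 0..MAX_HOPS hops is kept (e.g. TTL 57 fits 60 and 64).
    """
    if not 1 <= observed_ttl <= 255:
        raise ValueError("TTL out of range: %r" % (observed_ttl,))
    return {t - observed_ttl for t in INITIAL_TTLS
            if 0 <= t - observed_ttl <= MAX_HOPS}


class HopCountFilter:
    def __init__(self, tolerance=1):
        self.table = {}             # source IP -> hop counts learned in peacetime
        self.tolerance = tolerance  # allowed drift from ordinary route changes

    def learn(self, src_ip, ttl):
        """Record hop counts from traffic believed legitimate."""
        hops = hop_candidates(ttl)
        if hops:
            self.table.setdefault(src_ip, set()).update(hops)

    def check(self, src_ip, ttl):
        """Classify a packet as 'legitimate', 'spoofed' or 'unknown'."""
        known = self.table.get(src_ip)
        if known is None:
            return "unknown"        # no baseline; leave to another detector
        seen = hop_candidates(ttl)  # empty set means no plausible path length
        ok = any(abs(a - b) <= self.tolerance for a in known for b in seen)
        return "legitimate" if ok else "spoofed"


def classify(hcf, packets):
    """Run check() over (src_ip, ttl) pairs and return the verdicts in order."""
    return [hcf.check(ip, ttl) for ip, ttl in packets]


# Constructed sample data (documentation address ranges, made-up TTLs).
hcf = HopCountFilter()
hcf.learn("192.0.2.10", 116)    # 128 - 116 = 12 hops
hcf.learn("198.51.100.7", 57)   # ambiguous: 3 hops (60) or 7 hops (64)
SAMPLE = [("192.0.2.10", 115), ("192.0.2.10", 44),
          ("198.51.100.7", 61), ("203.0.113.5", 64)]
print(classify(hcf, SAMPLE))
```

The second packet claims a learned source address but arrives with a hop count of 16 or 20 instead of 12, which is the mismatch HCF flags. Ambiguous initial TTLs widen the accepted set, so a smaller tolerance lowers missed detections at the cost of more false alarms after route changes.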
