Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

A Two Level Architecture Using Consensus Method for Global Decision Making against DDoS Attacks


Affiliations
1 Department of Information Technology, Karunya University, Coimbatore, Tamil Nadu, India
     

   Subscribe/Renew Journal


Distributed Denial of service is a major threat to the availability of internet services. Due to the distributed, large scale nature of the Internet makes DDoS (Distributed Denial-of-Service) attacks stealthy and difficult to counter. Defense against Distributed Denial- of - Service attacks is one of the hardest security problems on the Internet. Recently these network attacks have been increasing. Therefore more effective countermeasures are required to counter the threat. This requirement has motivated us to propose a novel mechanism against DDoS attack. This paper presents the design details of a distributed defense mechanism against DDoS attack. In our approach, the egress routers of the intermediate network coordinate with each other to provide the information necessary to detect and respond to the attack. Thus, a detection system based on single site will have either high positive or high negative rates. Unlike the traditional IDSs (Intrusion Detection System) this method has the potential to achieve high true positive ratio. This work has been done by using consensus algorithms for exchanging the information between the detection systems. So the overall detection time would be reduced for global decision making.

Keywords

DDoS Attack, IDSs, Consensus Algorithm.
Subscription Login to verify subscription
User
Notifications
Font Size

Abstract Views: 280

PDF Views: 0




  • A Two Level Architecture Using Consensus Method for Global Decision Making against DDoS Attacks

Abstract Views: 280  |  PDF Views: 0

Authors

S. Seetha
Department of Information Technology, Karunya University, Coimbatore, Tamil Nadu, India
P. Raviraj
Department of Information Technology, Karunya University, Coimbatore, Tamil Nadu, India

Abstract


Distributed Denial of service is a major threat to the availability of internet services. Due to the distributed, large scale nature of the Internet makes DDoS (Distributed Denial-of-Service) attacks stealthy and difficult to counter. Defense against Distributed Denial- of - Service attacks is one of the hardest security problems on the Internet. Recently these network attacks have been increasing. Therefore more effective countermeasures are required to counter the threat. This requirement has motivated us to propose a novel mechanism against DDoS attack. This paper presents the design details of a distributed defense mechanism against DDoS attack. In our approach, the egress routers of the intermediate network coordinate with each other to provide the information necessary to detect and respond to the attack. Thus, a detection system based on single site will have either high positive or high negative rates. Unlike the traditional IDSs (Intrusion Detection System) this method has the potential to achieve high true positive ratio. This work has been done by using consensus algorithms for exchanging the information between the detection systems. So the overall detection time would be reduced for global decision making.

Keywords


DDoS Attack, IDSs, Consensus Algorithm.