New Reply 
Identifying Legitimate Clients under Distributed Denial-of-Service Attacks
smart paper boy Offline
SP Deserved Member
**********
Posts: 2,051
Threads: 1,405
Joined: Jun 2011
#1
30-08-2011, 10:07 AM

Abstract
Distributed Denial of Service (DDoS) attacks are a persistent, current, and very real threat to networks. Expanding upon a flexible distributed framework for network remediation utilising multiple strategies, we examine a novel fusion of methods to maximise throughput from legitimate clients and minimise the impact from attackers. The basic approach is to build up a whitelist of likely legitimate clients by observing outgoing traffic, presenting a challenge though proof-of-work, and providing flow cookies. Traffic that does not match the expected profile is likely attack traffic, and can be heavily filtered during attack conditions. After we incrementally develop this approach, we explore the positive and negative impacts of this approach upon the network and analyse potential countermeasures.
1. Introduction
The INTERSECTION project, funded by the European Commission, has created an open, distributed, self-regulating framework for network intrusion tolerance. Network measurement, intrusion detection, and event remediation are all carried out by independent systems, loosely coupled. Our chief concern is with event remediation: to carry out temporary actions on the network in response to externally-detected intrusion events, and to withdraw thise actions when the event has passed. This remediation system was previously described in [4]. This paper looks further into specific strategies we employ within this architecture in response to bandwidth-starvation DDoS attacks, which represent a class of attack which is notably challenging for network remediation.
1.1. Observations of bandwidth-saturation DDoS
The scope of this paper is limited to remedying bandwidth-saturation attacks. While traffic of such an attack spans the Internet, we note that:
1. The direct victims of the attack are typically the uplinks of the edge networks hosting target nodes (those which are addressed by the attack packets). The indirect (and probably intended) victims are the nodes normally reachable through such networks.
2. Core networks are extremely over-provisioned, so they are not particularly vulnerable to volumebased attacks. Nor are they likely intended victims, as crippling them would probably harm the unrelated interests of the attacker.
3. Edge networks hosting attacking nodes are not direct victims, as those nodes are generating relatively small amounts of traffic individually, while the target networks are receiving many coalesced attacking flows. Any solution to this form of DDoS must take steps to reduce attack traffic somewhere in the path ahead of the victim links. However, any network that carries general traffic has an intrinsic vulnerability, which the attacker is exploiting.

Download full report
http://googleurl?sa=t&source=web&cd=1&ve...remedy.pdf&ei=mGhcTvH1KZGvrAfnjpGWDw&usg=AFQjCNEOCV-kkKTwu5O9GEhp92d7jhuRXg
Find
Reply
New Reply 

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: seminar topics on distributed denial of service, denial of service attacks in wireless networks the case of jammers ppt, denial of service in cloud and grid computing ppt, interviewing rape victims, denial of service attacks in wireless network the case of jammers ppt pdf, denial of service attacks in wireless networks the case of jammers srs, distributed denial,

[-]
Quick Reply
Message
Type your reply to this message here.
Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  VOLTAGE STABILITY ANALYSIS UNDER NORMAL AND CONTINGENCY CONDITIONS science projects buddy 4 3,346 13-03-2013, 11:50 AM
Last Post: quarkhirad
  Distributed cache updating for the Dynamic source routing protocol computer science crazy 1 1,350 01-12-2012, 01:35 PM
Last Post: seminar details
  over-under voltage cut-off with ON-Time delay PROJECT REPORT project topics 3 5,332 01-12-2012, 12:23 PM
Last Post: seminar details
  Performance Analysis of MANET under Blackhole Attack smart paper boy 1 1,582 02-11-2012, 12:28 PM
Last Post: seminar details
  Over / Under Line Voltage Protection for Electrical Appliances smart paper boy 1 2,418 12-10-2012, 01:05 PM
Last Post: seminar details
  OVER/UNDER VOLTAGE PROTECTION OF ELECTRICAL APPLIANCES smart paper boy 1 2,658 12-10-2012, 01:05 PM
Last Post: seminar details
  Distributed-Input-Distributed-Output (DIDO) Wireless Technology computer girl 0 1,346 06-06-2012, 05:26 PM
Last Post: computer girl
  Route Stability in MANETs under the Random Direction Mobility Model computer science technology 4 4,028 23-02-2012, 11:08 AM
Last Post: seminar paper
  Two Practical Man-In-The-Middle Attacks on Bluetooth Secure Simple Pairing seminar class 1 2,312 02-02-2012, 10:23 AM
Last Post: seminar addict
  SECURE WIRELESS SENSOR NETWORKS - ROBUST OF WSN ATTACKS AND SECURE LOCALIZATION smart paper boy 1 2,124 28-01-2012, 10:55 AM
Last Post: seminar addict

Forum Jump:

Contact Us | Student Seminar Report & Project Report With Presentation (PPT,PDF,DOC,ZIP) | Return to Top | Lite (Archive) Mode | RSS Syndication