05-05-2011, 11:52 AM
ABSTRACT
The increase in Internet-based transactionsand communications offers new opportunitiesfor hackers to disrupt business operations withDDoS attacks. Organizations that are notadequately protected risk losing customers,revenue, and their good reputations. Thisthesis discusses the challenges of identifying,countering, and avoiding crippling DDoSattacks. With the proposed comprehensiveSelf-Defending Network, organizations candeploy layers of defense to detect and mitigatethe effects of DDoS attacks. The convenience,efficiency, and global reach of e-businessbenefit both consumers and businesses. Butthe accessibility of today’s businessoperations brings increased securitychallenges. Legions of malicious hackerstarget e-commerce sites, online banks, partnernetworks, and Internet or e-mail serversseeking revenge or profit.DDoS attack quickly overwhelms acompany’s server, router, firewall or networklink with traffic, if successful, the attackfloods the network or its resources socompletely that legitimate traffic cannot beprocessed, and the company cannot function.The results are disastrous frustrated customersplace orders elsewhere, service-levelagreements are violated, and corporatereputations are damaged. Meanwhile, all ITand security resources focus on responding tothe attack. Unfortunately, their efforts areusually too late and only partially effective. Asecurity strategy must instantly identify andrespond to DDoS threats, while maintainingthe availability of critical network resourcesfor custoers, partners, and employees.The proposed model develops countermechanism to mitigate the potency of theresource attacks and evaluate the efficacy.The proposed access matrix captures thespatial-temporal patterns of a normal flashcrowd. The anomaly detector based on hiddenMarkov model (HMM) is proposed todescribe the dynamics of Access Matrix (AM)and to detect the attacks. Numerical resultsbased on real Web traffic data are presented todemonstrate the effectiveness of the proposedmethod. Asymmetric attack overwhelms theserver resources, by increasing the responsetime of legitimate clients from 0.1 seconds to10 Seconds. Under the same attack scenario,HMM model limits the effects of falsenegativesand false-positives and improves thevictims’ performance to 0.8 seconds.
1. INTRODUCTION
A distributed denial of service attack (DDoSattack) is a large-scale, coordinated attack onthe availability of services of a victim systemor network resource, launched indirectlythrough many compromised computers on theInternet [1]. DDoS attacks can seriouslyimpair the Internet service. There have been anumber of proposals and solutions to theDDoS attacks. However there is still nocomprehensive solution which can protectagainst all known forms of DDoS attacks.
Download full report
http://ijcaonlinevolume6/number9/pxc3871443.pdf