A UNIFIED APPROACH FOR DETECTION AND PREVENTION OF DDOS ATTACKS USING ENHANCED SUPPORT VECTOR MACHINES AND FILTERING MECHANISMS

ICTACT Journal on Communication Technology (Volume: 4, Issue: 2)

Abstract

Distributed Denial of Service (DDoS) attacks are considered a tremendous threat to the current information security infrastructure. During a DDoS attack, multiple malicious hosts recruited by the attackers launch a coordinated attack against one host or a network victim, which causes denial of service to legitimate users. The existing techniques suffer from a high number of false alarms and need more human intervention for attack detection. The objective of this paper is to monitor the network online, automatically initiating the detection mechanism if there is any suspicious activity, and also to defend by keeping the suspected hosts from reaching the network. Both spoofed and non-spoofed IPs are detected in this approach. Non-spoofed IPs are detected using Enhanced Support Vector Machines (ESVM) and spoofed IPs are detected using the Hop Count Filtering (HCF) mechanism. The detected IPs are maintained separately to initiate the defense process. The attack strength is calculated using Lanchester Law, which initiates the defense mechanism. Based on the calculated attack strength, any of the defense schemes, such as Rate based limiting or History based IP filtering, is automatically initiated to drop the packets from the suspected IP. The integrated online monitoring approach for detection and defense of DDoS attacks is deployed in an experimental testbed. The online approach is found to be obvious in the field of integrated DDoS detection and defense.

Authors

T. Subbulakshmi (Sethu Institute of Technology, India), P. Parameswaran (Tata Consultancy Services, India), C. Parthiban (Tata Consultancy Services, India), M. Mariselvi (Thiagarajar College of Engineering, India), J. Adlene Anusha (Thiagarajar College of Engineering, India), G. Mahalakshmi (Thiagarajar College of Engineering, India)

Keywords

DDoS Attacks, Lanchester Linear Law, Enhanced Support Vector Machines, Rate Based Limiting, History Based IP Filtering

Published By: ICTACT
Published In: ICTACT Journal on Communication Technology (Volume: 4, Issue: 2)
Date of Publication: June 2013
Pages: 737 - 743
