A Novel DDoS Floods Detection and Testing Approaches for Network Traffic based on Linux Techniques

Abstract

In today's digital world, Distributed Denial-of-Service (DDoS) attacks continually disrupt users' access to Web Servers (WSVRs). These attacks remain a massive threat to the World Wide Web (WWW). They can completely interrupt the accessibility of WSVRs by disturbing data processing before intercommunication across Data-Driven Networks (DDN), management and cooperative communities on the Internet. The purpose of this research is to find, describe and test the existing tools and features available in a Linux-based lab design, the Availability Protection System (Linux-APS), for filtering the malicious traffic flow of DDoS attacks. The most widely used DDoS attacks targeting WSVRs are taken as the source of malicious traffic. Synchronize (SYN), User Datagram Protocol (UDP) and Internet Control Message Protocol (ICMP) flooding attacks are described, and different variants of the mitigation techniques are explained. Available tools for manipulating network traffic, such as Ebtables and Iptables, are compared for each type of attack. A specially created experimental network, with configured filter servers and a bridge, was used for testing. The flow of packets through the Linux kernel network stack is inspected, along with tuning options that increase the traffic throughput of the filter server. Among the outcomes, the Ebtables tool appears to be the most productive, because it needs fewer resources to process each packet (frame). A separate detecting system is needed for this tool in order to supply the filtering methods with data. The main conclusion is that Linux-APS solutions provide full functionality for filtering the malicious traffic flow of DDoS attacks, either stand-alone or combined with detecting systems.

Authors and Affiliations

Muhammad Tahir, Mingchu Li, Naeem Ayoub, Usman Shehzaib, Atif Wagan

  • EP ID EP277023
  • DOI 10.14569/IJACSA.2018.090248

How To Cite

Muhammad Tahir, Mingchu Li, Naeem Ayoub, Usman Shehzaib, Atif Wagan (2018). A Novel DDoS Floods Detection and Testing Approaches for Network Traffic based on Linux Techniques. International Journal of Advanced Computer Science & Applications, 9(2), 341-357. https://europub.co.uk/articles/-A-277023