Analysis of IP Spoofed DDoS Attack by Cryptography

Apply

Analysis of IP Spoofed DDoS Attack by Cryptography

Journal Title: International Journal of Computational Engineering and Management IJCEM - Year 2013, Vol 16, Issue 2

Abstract

Today, the internet is an essential part of our everyday life and many important and crucial services like banking, shopping, transport, health, and communication are partly or completely dependent on the Internet. According to recent sources the number of hosts connected to the internet has increased to almost 4000 million and there are currently more than 1 billion users of the Internet. Thus, any disruption in the operation of the internet can be very inconvenient for most of us as the Internet was originally designed for openness and scalability without much concern for security, malicious users can exploit the design weaknesses of the internet to wreak havoc in its operation. Incidents of disruptive activities like e-mail viruses, computer worms and denial-of service attacks have been on the rise reports an increase of such incidents from 252 in 1990 to 11,37,529 in 2009).The incidents which have raised the most concern in recent years are the denial-of-service (DoS) attacks whose sole purpose is to reduce or eliminate the availability of a service provided over the Internet, to its legitimate users. I explore a mechanisms for defending against ip spoofed packet attacks, have become one of the major threats to the operation of the internet today. I propose a new scheme for detecting and preventing the most harmful and difficult to detect DDoS Attacks—those that use IP address spoofing to disguise the attack flow. I have designed a low-cost and efficient scheme called HEMDADF, for defending against IP spoofed attacks, The HEMDADF scheme is composed of three parts: marking process, filtering process, secure transmission. The marking process requires the participation of routers in the internet to encode path information into packets. We suggest the use of a hash function and secret key to reduce collisions among packet-markings. The scheme also includes mechanisms for detecting and reporting spoofing in a timely manner. The evaluation of the scheme under simulations would be shown that my scheme can effectively and efficiently differentiate between good and bad packets under spoofed attack. Most good packets are accepted even under the most severe attack, whose traffic is about 10 times of normal traffic. At the same time, the bad packet acceptance ratio is maintained at a low level. This scheme can be performs well even under massively IP spoofed attacks involving up to 5000 attackers. HEMDADF scheme detected the occurrence of attack precisely within 3 - 4 seconds. The quick detection is valuable to the victim so that appropriate actions can be taken to minimize the damage caused by an IP spoofed attack.

Authors and Affiliations

Dalip Kumar

Keywords

EP ID EP146213
DOI -
Views 102
Downloads 0