Abstract

"Amongst various online attacks hampering IT security, Denial of Service (DoS) Distributed Denial-of-Service (DDoS) has the most devastating effects. It has also put tremendous pressure over the security experts lately, in bringing out effective defense solutions. These attacks could be implemented diversely with a variety of tools and codes. Since there is not a single solution for DoS,DDoS this attack has managed to prevail on internet for nearly a decade. Hence, it becomes indispensable to carry out these attacks in small test bed environments in order to understand them better. Unlike other theoretical studies, this project lays down the steps involved in implementing these attacks in real time networks. These real time attacks are measured and analyzed using network traffic monitors. The detection and mitigation mechanisms designed here are effective for small network topologies and can also be extended to analogous large domains. This paper deals with proactive models for mitigating DoS and DDoS attacks. In the first part of our investigation, we develop and evaluate two defense models for DoS and DDoS attacks: the Server Hopping Model using distributed firewalls. This model provide defense in a different part of the network, and has different resource requirements. In the second part of our investigation, we assess the effectiveness of our defense model for different types of DoS and DDoS attacks. "

Authors and Affiliations