Please use this identifier to cite or link to this item:
|Title:||IMPLEMENTATION & PERFORMANCE EVALUATION OF AN AUTOMATED MODEL AGAINST DDoS ATTACKS|
|Authors:||Vuppala, Sunil Kumar|
|Keywords:||ELECTRONICS AND COMPUTER ENGINEERING;ELECTRONICS AND COMPUTER ENGINEERING;ELECTRONICS AND COMPUTER ENGINEERING;ELECTRONICS AND COMPUTER ENGINEERING|
|Abstract:||ow-a-days Distributed Denial of Service (DDoS) attacks are causing major problems in the Internet. Several schemes have been proposed on how to prevent some. of these attacks, but they suffer from a range of problems, some of them being impractical and others not being effective against these attacks. Recently an automated Controller- Agent model has been proposed to deal with overall DDoS problem. In this dissertation, we implemented this automated model that would greatly minimize DDoS attacks in the Internet. With a new packet marking technique and agent design, the automated model is able to identify the approximate source of attack (nearest router) with a single packet, even in the case of attacks with spoofed source addresses. Here Controller can be centralized or distributed in the network. Agents can be located at edge routers. Victim can be a server or network. The model is invoked only during ,attack times, is able to process the victims traffic separately without disturbing other traffic, is able to establish different attack signatures for different attacking sources and can prevent the attack traffic at the nearest router to the attacking system. The results from implementation of the model using Network Simulator-2 (NS-2) showed that the automated -model seems to be a promising approach to prevent DDoS attacks. It has fast response time, simple in its implementation and can be incrementally deployed. Evaluated parameters include response time, goodput and percentage of overhead packets. We also extended this model to Wireless Sensor networks to counteract DDoS attacks_. Due to. the limited energy reserves, computation power of sensor networks victim mechanism of the model is incorporated at base station associated with sensor networks. Keywords Denial of Service (DoS), Distributed Denial of service (DDoS), Controller-Agent Model, Automated model, Packet Marking, Attack Signatures, IP Traceback, Sensor Networks.|
|Research Supervisor/ Guide:||Varadharajan, Vijay|
Sarje, A. K.
|Appears in Collections:||MASTERS' DISSERTATIONS (E & C)|
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.