DSpace Repository
A HYBRID APPROACH TO FILTER AND TRACEBACK IP-SPOOFED PACKETS IN DDoS ATTACKS
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Parachikapu, Krishna | |
| dc.date.accessioned | 2014-11-29T06:14:20Z | |
| dc.date.available | 2014-11-29T06:14:20Z | |
| dc.date.issued | 2009 | |
| dc.identifier | M.Tech | en_US |
| dc.identifier.uri | http://hdl.handle.net/123456789/12087 | |
| dc.guide | Sarje, A. K. | |
| dc.description.abstract | Today, Internet is the prime medium for communication and is the most sought after service by innumerable amount of users across the globe. At the same time, its commercial nature is causing increasing vulnerability to cyber crimes and there has been an enormous increase in the number of DDoS attacks on the internet over the past decade. Network resources such as network bandwidth, web servers and network switches are mostly the victims of many attacks. Current internet architecture allows the attacker to spoof the source address of the IP packet by rewriting the packet header. This gives provision to conceal the identity of the source of attack. IP spoofing is the most popular form of Distributed Denial of Service attack. A large number of schemes have been proposed and implemented for the defense against DDoS attacks. Some defend the attack by filtering and dropping packets and some defend the attack by tracing back to the source of attack after experiencing it. Both the mechanisms have their own drawbacks. In this dissertation "A HYBRID APPROACH TO FILTER AND TRACEBACK IP-SPOOFED PACKETS IN DDoS ATTACKS", we propose a hybrid packet marking mechanism to overcome the short comings of the above methods. This mechanism filters out the IP-spoofed packets and simultaneously traces back to the source of attack. Two different mechanisms for traceback are developed, one is using Bloom filters and another is by using Probabilistic Packet Marking strategy. In the proposed strategy, packet marking can be done at intermediate routers. Each packet is marked in two areas where one mark is used in filtering process and another is used in traceback process. The proposed scheme has been simulated using JAVA based HST (Java In Simulation Time) Simulator. Various test cases have been thought of, for which simulations were performed by varying different parameters. The results are compared with the existing schemes and filially, conclusions are presented. | en_US |
| dc.language.iso | en | en_US |
| dc.subject | ELECTRONICS AND COMPUTER ENGINEERING | en_US |
| dc.subject | HYBRID | en_US |
| dc.subject | FILTER AND TRACEBACK | en_US |
| dc.subject | IP-SPOOFED PACKETS | en_US |
| dc.title | A HYBRID APPROACH TO FILTER AND TRACEBACK IP-SPOOFED PACKETS IN DDoS ATTACKS | en_US |
| dc.type | M.Tech Dessertation | en_US |
| dc.accession.number | G14632 | en_US |
