Adaptive IP traceback mechanism for detecting low rate DDoS attacks

Distributed Denial of Service (DDoS) attacks is measured to be a vital threat to the net. Because of memory less feature of the net routing mechanism, it's extraordinarily onerous to trace back to the supply of those attacks. Ancient packet marking techniques are not any longer applied because of its high memory consumption and poor measurability. During this paper, we have a tendency to build use of entropy variation to observe the attack that differentiates between traditional and DDoS attack traffic. However it will solely be applied to observe the attack during which rate of the traffic flow is incredibly high. There are also many attacks during which the strength of the attack is also meager, however the results of those attacks might be still severe. So it's essential to observe such attacks that square measure in lower order in terms of information rate. We have a tendency to propose an Adaptive Attack Detection System (AADS) that is capable of detection DDoS attacks regardless of the attack strength.

[1]  G. Manimaran,et al.  Novel hybrid schemes employing packet marking and logging for IP traceback , 2006, IEEE Transactions on Parallel and Distributed Systems.

[2]  Jerry R. Hobbs,et al.  An algebraic approach to IP traceback , 2002, TSEC.

[3]  Kamil Saraç,et al.  A More Practical Approach for Single-Packet IP Traceback using Packet Logging and Marking , 2008, IEEE Transactions on Parallel and Distributed Systems.

[4]  Antonio Nucci,et al.  Robust and efficient detection of DDoS attacks for large-scale internet , 2007, Comput. Networks.

[5]  David K. Y. Yau,et al.  You can run, but you can't hide: an effective statistical methodology to trace back DDoS attackers , 2005, IEEE Transactions on Parallel and Distributed Systems.

[6]  Guang Jin,et al.  Deterministic packet marking based on redundant decomposition for IP traceback , 2006, IEEE Communications Letters.

[7]  H. Jonathan Chao,et al.  PacketScore: a statistics-based packet filtering scheme against distributed denial-of-service attacks , 2006, IEEE Transactions on Dependable and Secure Computing.

[8]  M.T. Goodrich,et al.  Probabilistic Packet Marking for Large-Scale IP Traceback , 2008, IEEE/ACM Transactions on Networking.

[9]  Nirwan Ansari,et al.  IP traceback with deterministic packet marking , 2003, IEEE Communications Letters.

[10]  Anna R. Karlin,et al.  Network support for IP traceback , 2001, TNET.

[11]  Wanlei Zhou,et al.  Traceback of DDoS Attacks Using Entropy Variations , 2011, IEEE Transactions on Parallel and Distributed Systems.

[12]  Kai Hwang,et al.  Collaborative detection and filtering of shrew DDoS attacks using spectral analysis , 2006, J. Parallel Distributed Comput..

[13]  Craig Partridge,et al.  Single-packet IP traceback , 2002, TNET.