DDoS Attack detection method and mitigation using pattern of the flow

Distributed denial-of-service attack (DDoS Attack) is one of the types of attacks that use multiple hosts as attacker against a system. There is a difference between Distributed Denial-of-Service (DDoS Attack) and Denial-of-Service (DoS Attack). DDoS attacks are distributed, meaning spread using multiple hosts, while the DoS attack is one-on-one. DoS attacks requires a powerful host, either from the resource or operating system used to carry out the attack. In this study, we discuss how to handle DDoS attacks in the form of detection method based on the pattern of flow entries and handling mechanism using layered firewall. Tests carried out using three scenario that is simulations on normal network environment, unsecured network, and secure network. Then, we analyze the simulations result that has been done. The method used successfully filtering incoming packet, by dropped packets from the attacker when DDoS attack happen, while still be able to receive packets from legitimate hosts.

[1]  폴지. 메이필드,et al.  Multi-layered firewall architecture , 2004 .

[2]  Stuart Harvey Rubin,et al.  Distributed denial of service attacks , 2000, Smc 2000 conference proceedings. 2000 ieee international conference on systems, man and cybernetics. 'cybernetics evolving to systems, humans, organizations, and their complex interactions' (cat. no.0.

[3]  Wesley M. Eddy,et al.  TCP SYN Flooding Attacks and Common Mitigations , 2007, RFC.

[4]  Weifeng Chen,et al.  RRED: robust RED algorithm to counter low-rate denial-of-service attacks , 2010, IEEE Communications Letters.

[5]  Rui Guo,et al.  Research on the Active DDoS Filtering Algorithm Based on IP Flow , 2009, 2009 Fifth International Conference on Natural Computation.

[6]  Stefan Savage,et al.  Inferring Internet denial-of-service activity , 2001, TOCS.

[7]  Dongqi Wang,et al.  A multi-core based DDoS detection method , 2010, 2010 3rd International Conference on Computer Science and Information Technology.

[8]  Wei Wang,et al.  Efficient detection of DDoS attacks with important attributes , 2008, 2008 Third International Conference on Risks and Security of Internet and Systems.

[9]  Ki Hoon Kwon,et al.  DDoS attack detection method using cluster analysis , 2008, Expert Syst. Appl..

[10]  Kang G. Shin,et al.  Hop-count filtering: an effective defense against spoofed DDoS traffic , 2003, CCS '03.

[11]  Lee Garber,et al.  Denial-of-Service Attacks Rip the Internet , 2000, Computer.

[12]  Yuval Elovici,et al.  Google Android: A Comprehensive Security Assessment , 2010, IEEE Security & Privacy.