Chapter 5 – Conclusions and Recommendations

To avoid any widespread damage to the victims system, distributed denial of service (DDoS) attacks have to be detected at their early launching stage. We have developed a defense and distributed detection mechanism to protect servers and websites against DDoS attacks. We proposed a mechanism based on collaboration among the two most important gateways of attacks which are edge routers and victims firewall routers. Such a network is an effective way to enhance the attacks detection rate, provide attack alerts, and protect legitimate traffic. We proposed a new detection method to increase the attacks detection accuracy, which samples the current incoming traffic and CPU usage of the destination target of attack and calculates the difference from average. Based on this result achieved, we introduced a new attack detection method. Through real experiments, we have shown that our method can detect and block attack packets quickly. We have also shown the effects of attacker-side defense and the effectiveness of our method.