Application: DDoS Attacks Resistance Scheme Using Polynomial Distribution Model

Distributed Denial of Service (DDoS) attacks pose an increasingly grave threat to the Internet, as evidenced by recent DDoS attacks mounted on both popular Internet sites and the Internet infrastructure. Alarmingly, DDoS attacks are observed on a daily basis on most of the large backbone networks. The previous work presented Gaussian distribution factor to enhance the attack resistance scheme for having better detection rate even for stationary object in the application DDoS attacks. The attack detection is identified with the Gaussian distribution of the traffic data of flash crowds surrounding the respective web sites with Bayes optimal filter strategy. But it consumes more time to distribute the Gaussian factor across the Applications used in the network and the security of services in applications also being less. To improve the security and service factor of the network, in this work, we are going to present a polynomial distribution model for attack resistance scheme by distributing the application services prior to sending the packet data streams. The distribution is done at first, so, the service abnormality is identified efficiently. The polynomial distribution is done for organizing the packet data which is to be sent with application services. The simulation using Network Simulator results proves that the attack resistance using polynomial distribution model minimizes execution time, distribution and load overhead and improves the security of the services present in the application contrast to an existing enhanced attack resistance scheme for app-DDoS attacks using Bayes optimal filter strategy.

[1]  Jin Wang,et al.  A new relative entropy based app-DDoS detection method , 2010, The IEEE symposium on Computers and Communications.

[2]  Wanlei Zhou,et al.  Traceback of DDoS Attacks Using Entropy Variations , 2011, IEEE Transactions on Parallel and Distributed Systems.

[3]  Taieb Znati,et al.  Detecting Application Denial-of-Service Attacks: A Group-Testing-Based Approach , 2010, IEEE Transactions on Parallel and Distributed Systems.

[4]  Tjeng Thiang Tjhung,et al.  Unified Laguerre Polynomial-Series-Based Distribution of Small-Scale Fading Envelopes , 2009, IEEE Transactions on Vehicular Technology.

[5]  M. Uysal,et al.  DDoS-Shield: DDoS-Resilient Scheduling to Counter Application Layer Attacks , 2009, IEEE/ACM Transactions on Networking.

[6]  H. Kobayashi,et al.  An efficient forward-backward algorithm for an explicit-duration hidden Markov model , 2003, IEEE Signal Processing Letters.

[7]  Zhan Yu,et al.  Envelope Probability Density Functions for Fading Model in Wireless Communications , 2007, IEEE Transactions on Vehicular Technology.

[8]  Shunzheng Yu,et al.  Monitoring the Application-Layer DDoS Attacks for Popular Websites , 2009, IEEE/ACM Transactions on Networking.

[9]  Shun-Zheng Yu,et al.  Monitoring the Application-Layer DDoS Attacks for Popular Websites , 2009, IEEE/ACM Transactions on Networking.

[10]  Jonathan T. Trostle,et al.  Protecting Against Distributed Denial of Service (DDoS) Attacks Using Distributed Filtering , 2006, 2006 Securecomm and Workshops.

[11]  Kotagiri Ramamohanarao,et al.  Protection from distributed denial of service attacks using history-based IP filtering , 2003, IEEE International Conference on Communications, 2003. ICC '03..