Network System Protection Against Internet Protocol Spoofing Based Distributed Denial Of Services Attacks During Socket Based Packet Transmission

Authors

  • Sushil Kumar Assistant Professor , Department Of Computer Science And Application, Cdlu Sirsa
  • Ms. Poonam Rani Assistant Professor , Department Of Computer Science And Application, Cdlu Sirsa

Keywords:

Distributed Denial of Service (DDoS), Time to Live(TTL), Round Trip Time (RTT), Distributed Probabilistic HCF

Abstract

In this paper, DPHCF-RTT technique has been implemented and analysed for variable number of hops. Goal is to improve limitations of Conventional HCF or Probabilistic HCF techniques by maximizing detection rate of illegitimate packets and reducing computation time. It is based on distributed probabilistic HCF using RTT. It has been used in an intermediate system. It has advantage for resolving problems of network bandwidth jam and host resources exhaustion. MATLAB 7 has been used for simulations. Mitigation of DDoS attacks have been done through DPHCF­ RTT technique. It has been shown a maximum detection rate up to 99% of malicious packets. IP spoofing based DDoS attack that relies on multiple compromised hosts in network to attack victim. In IP spoofing, IP addresses can be forged easily, thus, makes it difficult to filter illegitimate packets from legitimate one out of aggregated traffic. A number of mitigation techniques have been proposed in literature by various researchers. Conventional Hop Count Filtering or probabilistic Hop Count Filtering based research work indicates problems related to higher computational time and low detection rate of illegitimate packets.

References

Krishna Kumar, P.K. Kumar, R. Sukanesh, "Hop Count Based Packet Processing Approach to Counter DDoS Attacks," International Conference on Recent Trends in Information, Telecommunication and Computing, PET Engineering College, Thirunelvelli, India, pp. 271-273, 12-13, March,2010.

R. Swain, B. Saboo, "Mitigating DDoS attack and Saving Computational Time using a Probabilistic approach and HCF method," IEEE International Conference on Advance Computing,NIT, Rourkela, pp. 1170-1172,6-7, March 2009.

Mukaddam, I. H. Elhajj, "Hop count variability," 6th IEEE International Conference on Internet Technology and Secured Transactions, American University of Beirut, Lebanon,pp. 240-244, 11-14, December ,2011.

F. Zhang, J. eng, Z. Qin, M. Zhou, "Detecting DDoS Attacks Based on SYN proxy and Hop-Count Filter," IEEE International Conference on Communications, Circuits and Systems, University of Electronic Science and Technology, China,pp. 457-461,11-13,July,2007.

Downloads

Published

30-09-2015

How to Cite

Sushil Kumar, & Ms. Poonam Rani. (2015). Network System Protection Against Internet Protocol Spoofing Based Distributed Denial Of Services Attacks During Socket Based Packet Transmission. International Journal for Research Publication and Seminar, 6(3). Retrieved from https://jrps.shodhsagar.com/index.php/j/article/view/633

Issue

Section

Original Research Article