Documente Academic
Documente Profesional
Documente Cultură
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 71
Abstract—Distributed Denial of Service threats has become the real threat to the security of the Internet.
In the critical application areas, the information transmission must be kept secret and confidentiality
should be ensured. Such applications are space research, military applications and online transactions.
A web referral mechanism will defend against attacks by granting privilege URL to legitimate clients,
thereby ensuring protection against such attacks. This paper analyses the security measures adopted in
the web referral mechanism and presents a survey of the existing trace back mechanisms and mitigation
techniques. This paper aims at providing solution for the drawbacks in the current techniques.
Index Terms— Distributed Denial of Service threats – web referral mechanism – trace back mechanism –
attack mitigation.
—————————— ——————————
1 Introduction
phase of a product. Various tools are available to
T
detect such attacks but none of them are proved
HE key design feature of the Internet makes to be efficient.
it vulnerable to various kinds of attacks.
Some of the website attacks are sniffing, A solution to defend against Denial of Service
snooping, IP spoofing, masquerading, access attacks is referral mechanism which is built upon
attacks, injection and execution of malicious the existing relationships. In this mechanism the
software, object reusability and Distributed legitimate client connection is retained even
Denial of Service (DDoS) attacks. The DDoS during flooding attacks. The client’s legitimacy is
attack disrupts the communication of the verified by means of authorization checks on the
legitimate client with the web server and certificate owned by the client. The referral
consumes network bandwidth by posing bogus mechanism if combined with the autonomous
packets. Hence, client connection attempt will be system, tracing will be effective as it monitors the
rejected by the web servers and the service entire network by relatively monitoring few
becomes unavailable. The DDoS attacks are more points in the system. It uses packet marking
common that exploit the weakness of the key techniques and is enforced in the ID fields of the
design infrastructure. Such attacks have been IP addresses.
reported in the most popular online trading sites
Amazon, e-bay and the news site cnn.com. DDoS The rest of the paper is organized as follows:
attacks are stealthier and tougher to trace as more The motivation is given in section 2. The DDoS
machines are involved in the attack. Effective attack types are illustrated in section 3. Detailed
defense against DDoS attacks is a challenging analysis of detection schemes are given in section
task as the vulnerabilities exploited by the 4. The defence mechanisms are explained in
attacker to launch an attack will be introduced section 5. Section 6 concludes the paper and
during the design and implementation section 7 is for future enhancements
2 Motivations
Mr.V.Govindasamy is working as A.P in
I.T Dept of Pondicherry Engineering
College (PEC), Pin 605014, India. More DDoS attacks are happening every day.
Mrs.V.Akila is employed in C.S.E Dept This fact is not revealed to the public as it will
of Pondicherry Engineering College,Pin result in loss of customers for an organization or
605014, India. online site. The loss incurred due to this attack
will be in terms of billions of dollars to replace
Ms.E.Gayathri is pursuing her
and repair the web server’s hardware and
M.Tech(I.S) at Pondicherry Engineering
software components. The factors which
College, Pin 605014, India.
motivated for DDoS attacks are as follows
1. Revenue Loss
JOURNAL OF COMPUTING, VOLUME 2, ISSUE 12, DECEMBER 2010, ISSN 2151‐9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 72
2. Slow Network Performance the target’s allotted bandwidth and hence
3. Service Unavailability subsequent legitimate user requests will be left
4. Service Disruption unprocessed. Two main classifications are under
5. Processing Power Costs this bandwidth depletion attack they are
6. Communication Overhead
Udp
4 Detection Schemes
Flood
Smur Fragg Dns
f le Reflection
Provision of security to web services is important
Ping
as there are series of attacks emerging everyday
Flood due to the advanced technologies and available
Tcp Syn free source DDoS tools. Hence solutions should
Flood
be provided rather than countermeasures in
Attack
Recursive
order to defend against DDoS attacks. The
Reflec
Http detection schemes [2] should be simple and
tion Teardrop robust and should not reveal any information
Floods
Attack regarding the IP address of the user. The
available detection schemes in web referral
Push & mechanism for DDoS attacks are listed in Table 1.
Ack
Attacks Tcp/Ip
Stack
Attack Detection Purpose
Sl.No Scheme
Land
1. MIB Detects attacks,
Attack
correlator and
precursors which
Fig 1: DDoS Attack classification caused the attack
2. MULTOPS Detects ongoing
bandwidth attacks