Encountering to DDoS Attack

Please enable javascript in your browser.

Razian, Mohammad Reza | 2014

1709 Viewed

Type of Document: M.Sc. Thesis
Language: Farsi
Document No: 46396 (19)
University: Sharif University of Technology
Department: Computer Engineering
Advisor(s): Kharrazi, Mehdi; Movaghar Rahimabadi, Ali
Abstract:
Distributed Denial of Service (DDoS) is one of the more important attacks in computer networks. DDoS attacks can be categorized in to two categories: high rate and low rate. In the high rate DDoS category, the attacker tries to fill up all the link’s bandwidth capacity by flooding the link with packets. On the other hand, in the low rate DDoS category (i.e. LDDoS), the attacker executes a DDoS attack while keeping a low average transmission rate. TCP LDDoS is a low rate DDoS attack in which the attacker exploits the TCP congestion control behavior.
In this thesis, we investigate a system for defending against the TCP LDDoS attack and propose a novel method for doing so. We present some observation for distinguishing between legitimate and attack behavior. The output of our system is a priority queue containing flows so that high priority flows are legitimate and low priority flows are suspicious. We evaluate the proposed system employing the NS2 simulation environment. Results show that our proposed system is able to detect attack flows from legitimate flows properly
Keywords:
Distributed Denial of Service (DDOS)Attack ; Transmission Control Protocol (TCP) ; Computer Information Security ; Confidentiality ; Encountering