Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/55036
Title: Defending against distributed denial of service (DDoS) attacks
Authors: Wah, Chin Han
Keywords: DRNTU::Engineering::Computer science and engineering::Computer systems organization::Computer system implementation
Issue Date: 2013
Abstract: The volume, duration and frequency of DDoS attacks have increased significantly every year. The average attack bandwidth seen during the first quarter of 2013 was 48.25 Gbps, an eightfold increase over the last quarter of 2012, when the attack bandwidth averaged 5.9 Gbps. DDoS attacks can cripple automated systems such as email, websites, bank transactions and more. With such an increase in DDoS attacks over the years, the potential damage will definitely be high if left unattended. In a distributed system, data is relayed from the source machine to the destination machine. With the modern implementation of Domain Name System (DNS) servers, the load of the incoming data may be split evenly across all the receiving servers. Thus, a coordinated DDoS attack may be split up and therefore appear as normal, legitimate requests. Resource consumption is also an important factor in distributed systems, so the relay nodes should run DDoS detection only when it is necessary. To achieve higher detection efficiency, the detectors have to be deployed at the nodes where the DDoS traffic converges, so that there is information to aggregate for building a profile of the DDoS traffic. This project aims to help systems identify the source of the DDoS attacker. The program analyzes and reassembles information from the network traffic without interfering with the flow of the actual system. If the separate data has been reconstructed, it will be clear that the connections belong to the same DDoS profile. Hence, by aggregating the network traffic at the deeper levels of the network where the traffic converges, it is possible to reassemble the DDoS profile. With such a program monitoring the network traffic, systems can be notified of the IP addresses of the DDoS attackers and can therefore deny them entry to the system.
URI: http://hdl.handle.net/10356/55036
Rights: Nanyang Technological University
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections: SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File: FYP_Report_131115.pdf (Restricted Access)
Description: Main article
Size: 2.13 MB
Format: Adobe PDF

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.