The Defense Mechanism Against Ddos Attacks

1594 Words7 Pages
The figure above depicts the defense mechanism against DDoS attacks in IDR. It first identifies attack and victim and uses bloom filter data structure which is space efficient and leaky buckets algorithm and monitors the bandwidth used in the traffic flow that passes through the router and targeted to a particular destination. It then classifies legitimate and attack traffic. A legitimate traffic model called baseline traffic profile is built which evaluates the distribution of different packet attribute values flowing through the router. After a packet arrives at the router, its attribute values are taken and respective counters are incremented and deviation of each group of these attributes is computed. Then, anomaly can be easily…show more content…
Although the test bed is not close to real internet testing the application on it can help to understand the performance of the proposed approach to detect DDoS attack. The real experiments conducted on the testbed to evaluate the performance of the IDR system shows that it is a very effective solution in protecting the network against DDoS attacks. Other network based DDOS defense mechanism is the effectiveness of the probabilistic packet marking for IP traceback [5]. The simplest way of identifying the physical source of DOS attack is eliminating the IP address spoofing but this approach is not easy to implement and this method would require a very long time to be deployed on the whole internet. In deterministic packet marking the source of the attacker is identified using the tracing information which is employed in to the packet. It has a very significant disadvantage that is the requirement of increasing packet header size with the increasing hop count. In probabilistic packet marking, each router inscribes probabilistically the local path into the flowing packet such that the end victim node can trace the complete path, the packet has traversed with high probability by using the markings on the received packet. This is nothing but probabilistically sampling the route, the packet in the attack has taken and with a constant space in the packet header independent of the hop count which one big advantage over deterministic packet marking as stated above. In
Open Document