Upload
vigneshwaran-udayasuriyan
View
216
Download
0
Embed Size (px)
Citation preview
8/2/2019 Defending Against Distributed Denial of Service 1
1/23
Defending Against Distributed
Denial Of Service
Guided By:
Mr. Velmurugan (ME)
Programmed By:
Vigneshwaran.U
Arun.V.S
Arulmani.M.A
Balaji.S
Rajkiran.R
8/2/2019 Defending Against Distributed Denial of Service 1
2/23
ABSTRACT
A DDOS(Distributed Denial Of Service) attack is a
sophisticated attack created by a large number of compromised
host that are instructed to send useless packets to jam a victimserver and hence the sever gets overhead and hence it cant
manage the resources due to DDOS attack.
8/2/2019 Defending Against Distributed Denial of Service 1
3/23
INTRODUCTION(1/2)
Network Security:
Network security is a very vital concept in this scenario .
Security of network can be made useless by breaking the
secrecy, authentication, also when message integrity is not
available.
8/2/2019 Defending Against Distributed Denial of Service 1
4/23
(2/2)
There are three aspects on information security:
Security attack :
Any action that compromises the security information
owned by an organization.
Security mechanism:A mechanism that is designed to detect, prevent or
recover from a security attack.
Security services:
A service that enhances the security of the data
processing systems and the information transfers of
an organization
8/2/2019 Defending Against Distributed Denial of Service 1
5/23
SYSTEM REQUIREMENTS
HARDWARE REQUIREMENTS:
i. 128 MB RAM
ii. 20 GB HDD
iii. Color Monitor
iv. 101 Keyboard
v. Mouse
8/2/2019 Defending Against Distributed Denial of Service 1
6/23
SOFTWARE REQUIREMENTS:
i. Windows XP
ii. Java
iii. Swing
iv. JPCap
8/2/2019 Defending Against Distributed Denial of Service 1
7/23
Background Information: Denial of
Service Attacks
DoS Attacks Affect:
i. Software Systems
ii. Network Routers/Equipment/Servers
iii. Servers and End-User PCs
8/2/2019 Defending Against Distributed Denial of Service 1
8/23
MODULE
Pre Analyzer
Dos Attacker Controller
Initiative Server
8/2/2019 Defending Against Distributed Denial of Service 1
9/23
PRE ANALYSER :
Pre analyzer is implemented inside the server, it measuresthe current traffic load level of the Network by capturingpackets using JPCAP tool.
JPCAP JPCap is a Java Class package that allows JavaApplication to capture or send packets to the network.
In this module we split files into packets and send theminto the server for testing the traffic load level.
A log table is created at the Pre-analyzer that keeps theinformation about the incoming packets(packet size , IPaddress, type)
Initiative server looks up into this log table and retrievesthe information
8/2/2019 Defending Against Distributed Denial of Service 1
10/23
DOS ATTACKER :
The Dos Attacker is the attacker, who sends multipleredundant packet using many compromised system to the
target system.
In this module the splitted files are sent to the server by
two modes of attack. One by normal mode and another by
assail mode
In normal mode we send the packet normally without any
redundancy.
In assail mode we generally send the redundant files of
size equals to the server capacity or the size above the
server capacity.
8/2/2019 Defending Against Distributed Denial of Service 1
11/23
8/2/2019 Defending Against Distributed Denial of Service 1
12/23
CONTROLLER :
The Controller plays a major role in dropping the
redundant packets when it receives signal from the
server.
The Controller is used to control the flow of packets.
In this module when the throttle is activated the
controller keeps track of all incoming packets and the
host IP address in the byte array.
8/2/2019 Defending Against Distributed Denial of Service 1
13/23
Packet sent Control to check for throttle
undropped packets
Packets that are legal
Throttle signal
Data from
user ControllerWith or
without
throttling
Server / receiver
Receives or accepts the
data
Algorith m
dropped
8/2/2019 Defending Against Distributed Denial of Service 1
14/23
INITIATIVE SERVER :
Initiative Server module implements the throttle
algorithm when it identifies the load crossing max-min
limit.
8/2/2019 Defending Against Distributed Denial of Service 1
15/23
CONTROLLER DIAGRAM:
8/2/2019 Defending Against Distributed Denial of Service 1
16/23
ALGORITHM
We represent the throttle algorithm in which traffic is
throttled by dropping a function of the traffic.
It is used to control the flow of the traffic to the server.
Throttle Dropping a fraction of the traffic.
Throttle has to be invoked when either:
The current server loads(measures as traffic arrival rate to cross
over the limit).
A throttle is in effect and the current server loads drop below limit.
8/2/2019 Defending Against Distributed Denial of Service 1
17/23
Fair Throttle Algorithm:
Algorithm fair_throttle
last :== -;
while (1)multicast current rate-rs throttle to R(k);
monitor traffic arrival rate for time window w;
if ( > Us) /* throttle not strong enough */
/* further restrict throttle rate*/
rs :== rs/2;
elif ( < Ls) /* throttle too strong */
if (- last
< )
remove rate throttle from R(k);
break;
else
/* try relaxing throttle by additive step */
last :== ;rs:== rs + ;
fi;
elsebreak;
fi;
end while;
8/2/2019 Defending Against Distributed Denial of Service 1
18/23
EXISTING SYSTEM
IP TRACE backmechanism:
This mechanism traces the IP packets that enters in to
the network. The IP address of incoming packets is compared
with the log table which maintains the IP addresses of the DOS
attacker hosts. But this mechanism is not highly effective for
DDOS attacks.
Drawbacks:
Detecting the attackers is very difficult and time
consuming.
8/2/2019 Defending Against Distributed Denial of Service 1
19/23
8/2/2019 Defending Against Distributed Denial of Service 1
20/23
PROPOSED SYSTEM
DefendingAgainst DDOS attack Using Throttle Algorithm:
The throttle mechanism is highly effective in preferentially
dropping attacker traffic over good user traffic.
Throttling can regulate the experienced server load to below
its design limit, so that the server can remain operational
during a DDOS attack
It is cost effective since the algorithm is implemented at the
router
8/2/2019 Defending Against Distributed Denial of Service 1
21/23
ADVANTAGE
The Throttle mechanism is highly effective in
preferentially dropping attackers traffic over good user
traffic.
Throttle can regulate the server load below its designlimit in the presence of user level of the throttle is
dynamic.
So a server can remain operational during DDOS attack.
It is Cost effective since algorithm is implemented at therouter.
8/2/2019 Defending Against Distributed Denial of Service 1
22/23
CONCLUSION
The DDOS attacks can be rectified by using these four
modules, They are Pre Analyzer, DOD Attacker, Controller
and Initiative Server.
To Avoid this DDOS attack a throttle algorithm is used,
which is used to control the flow of traffic to the server.
8/2/2019 Defending Against Distributed Denial of Service 1
23/23