FIRECOL (A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDOS ATTACKS)
Shweta Patil
INTRODUCTION
Nowadays, securing the network has become mandatory for the survival of many entities that depend on their Internet presence.
Protection against network attacks is necessary to stay in today's global market. Denial of Service (DoS) attacks are considered one of the main threats against computer networks.
DDoS attacks have two aims: the first is to consume the resources of the host, and the second is to consume the bandwidth of the network.
Distributed denial-of-service (DDoS) attacks remain a major security problem, the mitigation of which is very hard, especially when it comes to highly distributed botnet-based attacks.
The early discovery of these attacks, although challenging, is necessary to protect end users as well as the expensive network infrastructure resources.
Normally, a huge set of machines is used to launch a distributed denial-of-service (DDoS) attack against a certain server or set of servers.
The attack, originating from different sources, is very hard to detect via any single border firewall or IDS, as each device has only a local view. Besides, attackers try to generate packets that look like normal traffic.
On the other hand, protecting the server in the close vicinity of its network is also inefficient, because it becomes overwhelming for a single device to classify all the packets in the huge concentrated amount of traffic that it receives.
DISTRIBUTED DENIAL OF SERVICE
“THIS IS A PROCESS IN WHICH MANY COMPUTER SYSTEMS, COMPROMISED BY A HOST, SEND USELESS DATA TO A NETWORK TO STOP INTERNET CONNECTION”
EXISTING SYSTEM
Countering DDoS attacks by fighting the underlying vector, which is usually the use of botnets.
With the exponential growth of computer/network attacks, which are becoming more and more difficult to identify, the need for better and more efficient intrusion detection systems increases in step.
The main problem with current intrusion detection systems is the high rate of false alarms.
Load balancing between the traffic coming from clients and the traffic originating from attackers is not designed or implemented.
A botnet is a large network of compromised machines (bots) controlled by one entity (the master). The master can launch synchronized attacks, such as DDoS, by sending orders to the bots via a Command & Control channel.
DISADVANTAGES OF EXISTING SYSTEM
Distributed denial-of-service (DDoS) attacks remain a major security problem when implementing complex access control policies for accessing data.
Allowing huge traffic to transit through the Internet and only detecting/blocking it at the host IDS/IPS may severely strain Internet resources.
The mitigation of network delay is very hard, especially when it comes to highly distributed botnet-based attacks.
PROPOSED SYSTEM
This paper proposed FireCol, a scalable solution for the early detection of flooding DDoS attacks. Belief scores are shared within a ring-based overlay network of IPSs. Detection is performed as close to attack sources as possible, providing protection to subscribed customers and saving valuable network resources.
We address the problem of DDoS attacks and present the theoretical foundation, architecture, and algorithms of FireCol.
The core of FireCol is composed of intrusion prevention systems (IPSs) located at the Internet service provider (ISP) level.
The IPSs form virtual protection rings around the hosts to defend and collaborate by exchanging selected traffic information.
The evaluation of FireCol using extensive simulations and a real dataset is presented, showing FireCol's effectiveness and low overhead, as well as its support for incremental deployment in real networks.
Experiments showed good performance and robustness of FireCol and highlighted good practices for its configuration. Also, the analysis of FireCol demonstrated its light computational as well as communication overhead.
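The following added example (not part of the original slides, and not FireCol's own algorithm or code) sketches why sharing belief scores around a ring of IPSs catches a flood that no single IPS would flag from its local view. The belief formula, the two thresholds, the IPS names and the traffic figures are all assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class IPS:
    name: str        # hypothetical IPS identifier
    rate: float      # observed packets/s toward the protected customer (constructed)
    baseline: float  # usual packets/s on this path (constructed)

    def belief(self) -> float:
        """Local belief in [0, 1] that traffic is abnormal (assumed metric)."""
        if self.rate <= self.baseline:
            return 0.0
        return (self.rate - self.baseline) / self.rate


LOCAL_ALERT = 0.8  # belief at which one IPS would alert on its own (assumed)
SHARE_FLOOR = 0.3  # belief above which an IPS adds its view to the ring (assumed)


def local_verdicts(ring):
    """What each IPS decides when it only has its local view."""
    return {ips.name: ips.belief() >= LOCAL_ALERT for ips in ring}


def ring_verdict(ring, capacity):
    """Pass one message around the ring; each suspicious IPS adds its rate."""
    message = {"rate": 0.0, "contributors": []}
    for ips in ring:  # list order stands in for neighbour-to-neighbour forwarding
        if ips.belief() >= SHARE_FLOOR:
            message["rate"] += ips.rate
            message["contributors"].append(ips.name)
    # The flood is visible only once the shares are summed against capacity.
    message["attack"] = message["rate"] > capacity
    return message


# Constructed sample: every IPS is well below LOCAL_ALERT on its own.
RING = [
    IPS("ips-a", 900, 400),  # belief ~0.56
    IPS("ips-b", 850, 400),  # belief ~0.53
    IPS("ips-c", 420, 400),  # belief ~0.05, stays silent
    IPS("ips-d", 950, 450),  # belief ~0.53
]
CUSTOMER_CAPACITY = 2500  # packets/s the protected customer can absorb (assumed)

if __name__ == "__main__":
    print(local_verdicts(RING))
    print(ring_verdict(RING, CUSTOMER_CAPACITY))
```
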
DATA FLOW DIAGRAM
MODULES OF PROPOSED SYSTEM
NETWORK SECURITY
DISTRIBUTED DENIAL-OF-SERVICE (DDOS)
FIRECOL ATTACK DETECTION
FIRECOL ARCHITECTURE
ADVANTAGES OF PROPOSED SYSTEM
Future work plans to extend FireCol to support different IPS rule structures.
The core of FireCol is composed of intrusion prevention systems (IPSs) located at the Internet service provider (ISP) level.
SYSTEM IMPLEMENTATION
Implementation is the stage of the project when the theoretical design is turned into a working system. Thus it can be considered the most critical stage in achieving a successful new system and in giving the user confidence that the new system will work and be effective.
The implementation stage involves careful planning, investigation of the existing system and its constraints on implementation, designing of methods to achieve changeover, and evaluation of changeover methods.
Implementation is the process of converting a new system design into operation. It is the phase that focuses on user training, site preparation and file conversion for installing a candidate system.
The important factor that should be considered here is that the conversion should not disrupt the functioning of the organization.
HARDWARE REQUIREMENT
Processor : Any processor above 500 MHz
RAM : 128 MB
Hard Disk : 10 GB
Compact Disk : 650 MB
Input device : Standard keyboard and mouse
Output device : VGA and high-resolution monitor
SOFTWARE REQUIREMENT
Platform : JDK 1.7
Programming Language : Java
Tool : NetBeans, Eclipse
Operating System : Microsoft Windows XP
CONCLUSION AND FUTURE WORKS
This paper proposed FireCol, a scalable solution for the early detection of flooding DDoS attacks. Belief scores are shared within a ring-based overlay network of IPSs. Detection is performed as close to attack sources as possible, providing protection to subscribed customers and saving valuable network resources.
Experiments showed good performance and robustness of FireCol and highlighted good practices for its configuration.