Exit Control Based Cooperative Defense Mechanism to Minimize DDoS Attacks that Mimic Flash Crowds

Main Article Content

Rashpinder Pal
Sunil Kumar, Mandeep Singh

Abstract

The Internet is considered as main infrastructure of the global information society. Therefore, the availability of Internet is very
critical. Distributed Denial-of-Service (DDoS) attacks tend to degrade internet services severely. In order to effectively reduce the influence of
DDoS attacks and its severity on the entire internet, we need Cooperative defense technique that can block the attackers’ requests on the edge
routers of ISP boundary. In this paper, we have proposed a ISPs’ Cooperation based DDoS attack mitigation approach, which makes use of good
characteristics of existing defense scenarios such as D-WARD and co-operation among the ISP’s to make the defense distributed. The suggested
topology contains gateway on every edge router of the ISP and validate every client’s request by Exit Control Mechanism on every first request
made from a new IP address. The puzzles can only be passed by humans and not by the bots, and thus it blocks all the non-genuine packets
inside the ISP boundary & saves the entire internet’s bandwidth from the attack traffic.

 

 

Keywords: DDoS, Defense, Cooperative, Puzzle, Edge router.

Downloads

Download data is not yet available.

Article Details

Section
Articles