Analysis and Mitigation of Reflector based Distributed Denial of Service Attacks
IR@C-MMACS: CSIR-Centre for Mathematical Modelling and Computer Simulation, Bangalore
| Field | Value |
|---|---|
| Title | Analysis and Mitigation of Reflector based Distributed Denial of Service Attacks |
| Creator | S, Sivapooranam; V, Anil Kumar; Patra, G K; Iyengar, N.Ch.S.N |
| Subject | Computer Programming and Software |
| Description | In this paper, we propose a distributed packet filtering technique to detect and filter out TCP packets with spoofed source IP addresses used for Distributed Reflection Denial of Service (DRDoS) attacks. We first provide an analysis of the attack scenario in which the well-known three-way handshake process of TCP is exploited in a distributed manner to cause flooding denial of service attacks, and then propose the filtering scheme to mitigate the attack impact. The proposed scheme makes use of information in the Time-to-Live (TTL) field of IP packets to differentiate and filter out spoofed packets at the reflector level. The TCP server, which is exploited as a reflector, monitors the incoming RST packets in response to its SYN/ACK packets, and extracts the TTL count from the RST packets. This TTL count is compared with the TTL count of further SYN packets to make the filtering decision. Apart from explaining the concept, we also provide preliminary simulation results to demonstrate the potential of the TTL-based filtering scheme. |
| Date | 2010 |
| Type | Article; PeerReviewed |
| Format | application/pdf |
| Identifier | http://cir.cmmacs.ernet.in/44/1/JCMS_anil.pdf |
| | S, Sivapooranam and V, Anil Kumar and Patra, G K and Iyengar, N.Ch.S.N (2010) Analysis and Mitigation of Reflector based Distributed Denial of Service Attacks. Journal of Computer and Mathematical Sciences, 1 (3). pp. 354-362. ISSN 0976-5727 |
| Relation | http://compmathsjournal.com/ |
| | http://cir.cmmacs.ernet.in/44/ |