ITC595 Research Project (Distributed Denial of Service Attacks)


Added on  2023/06/12

AI Summary
This research project focuses on the analysis, detection, and prevention of distributed denial of service (DDOS) attacks. Techniques such as artificial neural networks, filtering and rate limiting, and active networks are discussed. The proposed design for detecting and preventing DDOS attacks involves installing DDOS detectors in every network and using encrypted messages to communicate with other detectors. The study justifies the need for research in this area due to the popularity and widespread use of DDOS attacks by cyber criminals.

Distributed Denial of Service Attacks
MAY 5, 2018
Student name
Course ID

Table of Contents
INTRODUCTION
Research Problem
Research Justification
LITERATURE REVIEW
Drape Architecture
Artificial Neural Network
Active networks, Gateways and Routing Protocols
Filtering and Rate Limiting
Related Work
Conceptual Framework
CONCLUSION
ACKNOWLEDGEMENT
References
A. Author
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
author@first-third.edu.au
ABSTRACT
Denial of service and distributed denial of service attacks are
a type of attack in which several computers infected with a
“Trojan” virus are used to attack a single computer system,
resulting in a denial of access. The target computer is blocked
by this attack, and both the targeted system and all the
Trojan-affected systems are controlled by the hackers (Yan et
al., 2016). The technique is to flood the victim’s system with
malicious attacks, using viruses, originating from several
sources. The number of attacking systems ranges from hundreds
to thousands. The attack cannot be stopped only by blocking IP
addresses, as there is no proper system to distinguish
legitimate from illegitimate traffic when the attack is spread
widely across different systems (Lim et al., 2014). The basic
difference between a DOS and a DDOS attack is that a denial of
service is executed using one computer and IP address to flood
the victim’s system, whereas a DDOS attack uses several
computers and internet connections to flood the victim’s system
by generating network traffic. There are mainly three types of
DDOS attack: bandwidth attack, traffic attack and application
attack.
The key security challenge of DDOS attacks is to distinguish
illegitimate traffic and block it from attacking the computer
system. Another challenge is to stop the spread of the “Trojan”
virus, which affects the computer systems used for DDOS
attacks. There are diverse methods of executing a DDOS attack,
so it is a challenge for security researchers to stop DDOS and
DOS attacks.
I have selected this as my area of research because
these types of attacks are one of the most popular and widely
used attacks by cyber criminals.
Keywords
DDOS - Denial of Service Distributed System
IP - Internet Protocol
Trojan Virus
Hackers
INTRODUCTION
Modern networks suffer from security vulnerabilities regardless
of their origin, whether that is the manufacturer or the
purpose they are used for. It has become technically very
difficult, and economically infeasible, to create and maintain
existing systems and their associated networks so that they are
not susceptible to attacks and other threats [1]. Intrusion
detection systems have been widely used as a security tool to
keep the network safe, and experts can use them even when the
attacks come from different sources [2]. This detection tool
has emerged as one of the best and most powerful prevention
tools, as it deals with the security of data and with the
issues that arise from network communications.
The attacks have a large influence on networks and on whole
systems, as they interfere with network performance and data
security and, moreover, cause loss of intellectual property
[3]. The purpose of this study is to propose and use a sound
framework for studying the security policies that provide
defenses against DDOS attacks. DDOS attacks have taken down
many web sites, imposing heavy financial losses on many
companies.
Research Problem
A denial of service attack is considered to occur when access
to a PC or to network resources is intentionally blocked or
degraded, which may be the result of malware run by another
user. This attack may not affect data directly or permanently,
but it is intended to compromise resource availability. DDOS
usually manifests itself through multiple hosts on the web
saturating the bandwidth of victims connected to the network.
In a distributed denial of service attack, the attacker can
trigger 10,000 attacks contemporaneously on the targets by
using unprotected internet nodes around the globe to coordinate
those attacks.
Many defenses against DDOS attacks have been considered and
proposed. Deploying them requires a network router, and
internet service providers (ISPs) need to configure the router
to prevent attack traffic from reaching the network their
subscribers connect to. Nevertheless, in many cases ISPs have
hesitated to deploy these defenses because of practical
concerns. Each defense uses a different mechanism to
distinguish attack traffic from the normal traffic of victims
and non-victims, and a defense may mistakenly treat normal
traffic as attack traffic. It remains uncertain how efficiently
the defenses maintain network connectivity for the normal
traffic of real victims and non-victims while they are being
used to control the attack traffic.
Secondly, the imposition of the router defenses described above
is uncertain. Thirdly, no defense provides a mechanism by which
ISPs can learn their subscribers' preferences in defense
selection and negotiate defense parameters, which matters when
tradeoffs occur. The question to ask is how good a defense will
be if the ISPs are compliant and install it.
Research Justification
The definition of DDOS emphasizes three very important aspects.
First, a distributed denial of service is a denial of service
attack; more accurately, DDOS is considered a subset of denial
of service attacks [4]. Second, the attack must come from more
than one source. Third, there must be some coordination between
the attacking hosts. If any one of these conditions is not met,
the attack should not be called a distributed denial of
service.
LITERATURE REVIEW
The literature is based on research conducted on improving the
prevention of DDOS attacks; here the focus is on improving the
intrusion detection system using artificial neural networks
(ANN). The results show that data traffic can be filtered and
modeled more efficiently with an ANN [5]. Using an ANN can be
advantageous because it undergoes thorough, meticulous and
accurate training, whose phases are validated before the
network is applied to detecting malicious traffic and network
data attacks [6].
Related work on DDOS defense is categorized by DDOS detection,
response and defense framework. The techniques applied include
IP-attribute-based DDOS detection, also known as volume-based
DDoS detection. The literature review discusses the techniques
that researchers have proposed for defending against DDOS
attacks.
Drape Architecture
For secure draping, the SOS architecture, which comprises three
layers, is used to mitigate DDOS attacks [7]. The three layers
are the point nodes, which receive the traffic destined for the
target server; the beacon nodes, which receive packets bound
for the server servlets; and the secure servlet nodes. Each
layer must communicate only with the nodes adjacent to it. The
aim of the architecture is to achieve communication between the
users that have been confirmed and the targets.
When a server experiences a DDOS attack, it may redirect all
traffic through the drape network, preventing further direct
transmissions and requiring them to be validated at the entry
point of the drape. A source that wants to communicate with the
target must contact a secure drape access point. Once it has
authenticated and authorized the request, the secure drape
access point secures all traffic from the source to the target
via the beacon nodes, which verify the validity of the
information received, and the traffic is forwarded through the
filtering routers to the target.
Artificial Neural Network
A neural network is an information processing model based on
and inspired by the human nervous system, such as the way the
human brain works [8]. One of its most important features is
the unique structure with which the model processes information
[9]. The model consists of numerous highly interconnected
processing nodes that work concurrently to solve specific
problems [10].
Figure 1 in the tables and figures section shows the
mathematical form of the ANN. An ANN works as humans do,
learning by example. It is configured for specific
applications, such as data classification and pattern
recognition, through a learning process. Learning in humans
involves adjusting the synaptic connections between the neurons
and the neural networks [11].
Active networks, Gateways and Routing Protocols
Among the proposed tools is FIDRAN (framework intrusion for
active networks), a framework for flexible intrusion detection
and response on the underlying active network environment.
FIDRAN has five major key components, explained below.
1. Management module - used for configuration and
administration of any issues.
2. Operational module - involves attack detection with
signatures.
3. Control module
4. Security policy
5. Response mechanism - involves discarding simple packets,
reconfiguring the firewall and redirecting traffic.
Filtering and Rate Limiting
This approach is proposed from an expert system model that
acquires prior knowledge from ordinary network information and
uses that knowledge to defend against DDOS attacks [12]. Three
components play a major role in this model, as explained below.
1. The knowledge construction phase, which predefines the prior
knowledge, such as detection rules, state transitions and
access control information, needed to reach the goals of the
detecting and filtering phases.
2. The detecting phase, in which detection rules from the
knowledge base are applied while monitoring the network traffic
to check whether an attack is being launched in the traffic.
3. The filtering phase, in which the detection process uses a
bloom filter to monitor the key statistics of the traffic for
every protected target, while keeping minimal state information
per target.
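
The three phases above can be sketched as follows. This Python is an added example, not code from the paper or from the cited model [12]: it assumes a counting variant of the Bloom filter, a one-second window, and constructed rule limits and documentation-range addresses.

```python
import hashlib

class CountingBloom:
    """Fixed-size counter array: memory does not grow with the number of sources."""
    def __init__(self, size=4096, hashes=4):
        self.size, self.hashes = size, hashes
        self.slots = [0] * size

    def _indexes(self, key):
        for i in range(self.hashes):
            digest = hashlib.sha256(f"{i}:{key}".encode()).digest()
            yield int.from_bytes(digest[:8], "big") % self.size

    def add(self, key):
        for idx in self._indexes(key):
            self.slots[idx] += 1

    def estimate(self, key):
        # Collisions can only inflate a slot, so the minimum never under-counts.
        return min(self.slots[idx] for idx in self._indexes(key))

# Phase 1, knowledge construction: per-target rules (constructed values).
RULES = {"203.0.113.10": {"target_limit": 100, "source_limit": 5}}

class Defender:
    def __init__(self, rules, window=1.0):
        self.rules, self.window = rules, window
        self._new_window(0.0)

    def _new_window(self, ts):
        self.bloom = CountingBloom()
        self.state = dict.fromkeys(self.rules, "normal")
        self.window_start = ts

    def handle(self, ts, src, dst):
        """Return True to forward the packet, False to drop it."""
        rule = self.rules.get(dst)
        if rule is None:
            return True  # destination is not a protected target
        if ts - self.window_start >= self.window:
            self._new_window(ts)
        self.bloom.add(dst)
        self.bloom.add(f"{dst}|{src}")
        # Phase 2, detection: state transition normal -> under_attack.
        if self.bloom.estimate(dst) > rule["target_limit"]:
            self.state[dst] = "under_attack"
        # Phase 3, filtering: while under attack, drop sources over their share.
        if self.state[dst] == "under_attack":
            return self.bloom.estimate(f"{dst}|{src}") <= rule["source_limit"]
        return True

def run_sample():
    """Replay constructed traffic: 40 flooding sources and one ordinary client."""
    d, target = Defender(RULES), "203.0.113.10"
    stats = {"flood_dropped": 0, "client_forwarded": 0}
    for rnd in range(10):
        for i in range(40):
            if not d.handle(rnd * 0.05, f"198.51.100.{i}", target):
                stats["flood_dropped"] += 1
        if rnd % 3 == 0 and d.handle(rnd * 0.05, "192.0.2.7", target):
            stats["client_forwarded"] += 1
    stats["state"] = d.state[target]
    return stats
```

Because the counters only ever over-count, a hash collision can cause an extra drop for an ordinary client but cannot hide a source that has exceeded its limit.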
Related Work
ANN has been used to detect distributed denial of service
attacks, and its results compared with the decision tree and
the output [13]. Many researchers have recognized the demands
of the user on any resource of any system involved and the way
the data is controlled. An established system, Learning Vector
Quantization (LVQ) neural networks, is much used for
identifying attacks [14]. LVQ is a supervised technique that is
also used for pattern recognition, data compression and
multi-class classification. Lastly, there is the probabilistic
neural network based attack traffic approach, which is used for
detecting the various distributed denial of service attacks
[15].
Conceptual Framework
Deploying DDOS detectors in an appropriate way helps minimize
the strength of attacks. The detectors help prevent malicious
packets from reaching the target, following detection analysis
of the abnormal behavior of the networks.
A. Figures and Tables
Figure 1 Block diagram of an artificial neuron.
Figure 2 Architecture of the neural network.
Figure 3 Detection, defense and cooperative mechanism
The following is the explanation of the proposed design of the
DDC mechanism.
1. Installation of DDOS detectors.
2. Each DDOS detector maintains its IP address.
3. Simultaneous monitoring by the DDOS detectors.
4. All passing packets are to be flagged as abnormal.
5. The detecting system sends its outputs to the defense
system.
6. Creation of the knowledge share block, which communicates
with its enrolled neighbours, who receive the message in
encrypted form.
PROPOSED DESIGN
In designing the solution, we monitor the network
simultaneously for any behavior that seems malicious, analyzing
the header information of the packets retrieved from the
network, which is also used during training of the ANN [16].
One DDOS detection system is installed in every network so that
the detectors can communicate with one another using encrypted
messages, as shown and explained in figure 3 in the tables and
figures section.
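
As an added illustration of the artificial neuron of Figure 1 applied to the header analysis described above (not the paper's JNNS or Snort setup, and a single neuron rather than a full network): the three header features, the training windows and the 0.5 threshold are all assumptions constructed for the example.

```python
import math

def features(window):
    """Header-only features for one window of (src, proto, flags) tuples."""
    n = len(window)
    syn = sum(1 for _, proto, flags in window if proto == "TCP" and flags == "S")
    udp = sum(1 for _, proto, _ in window if proto == "UDP")
    sources = len({src for src, _, _ in window})
    return [syn / n, udp / n, sources / n]

def neuron(weights, bias, x):
    """One artificial neuron: weighted sum of the inputs passed through a sigmoid."""
    z = sum(w * xi for w, xi in zip(weights, x)) + bias
    return 1.0 / (1.0 + math.exp(-z))

def train(samples, epochs=2000, rate=1.0):
    """Batch gradient descent on log loss; the zero start keeps the run deterministic."""
    weights, bias = [0.0] * len(samples[0][0]), 0.0
    for _ in range(epochs):
        grad_w, grad_b = [0.0] * len(weights), 0.0
        for x, label in samples:
            err = neuron(weights, bias, x) - label
            grad_w = [g + err * xi for g, xi in zip(grad_w, x)]
            grad_b += err
        weights = [w - rate * g / len(samples) for w, g in zip(weights, grad_w)]
        bias -= rate * grad_b / len(samples)
    return weights, bias

def make_window(n_src, syn, ack, udp):
    """Constructed traffic: header tuples spread over n_src source labels."""
    kinds = [("TCP", "S")] * syn + [("TCP", "A")] * ack + [("UDP", "")] * udp
    return [(f"src{i % n_src}", proto, flags)
            for i, (proto, flags) in enumerate(kinds)]

# Constructed, labelled training windows (1 = attack, 0 = normal).
TRAINING = [
    (make_window(4, 3, 30, 7), 0),
    (make_window(6, 6, 50, 4), 0),
    (make_window(200, 190, 10, 0), 1),  # TCP SYN flood
    (make_window(150, 5, 5, 140), 1),   # UDP flood
]
WEIGHTS, BIAS = train([(features(w), y) for w, y in TRAINING])

def score(window):
    """Neuron output in (0, 1); higher means more attack-like."""
    return neuron(WEIGHTS, BIAS, features(window))

def is_attack(window, threshold=0.5):
    return score(window) >= threshold
```
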
CONCLUSION
This research is a study that gives an analysis of distributed
denial of service attacks. The explanation above has focused on
how they affect individuals and, moreover, on how they can be
detected and prevented. Many models have been discussed and
proposed above, along with the ways they can be implemented to
make this achievable and address the research problems.
In this work, we have used the trained ANN algorithm to
identify TCP and UDP attacks, using key patterns that help
distinguish authentic traffic from distributed denial of
service attacks. JNNS was also used to train the algorithm with
the prepared and pre-processed data sets, and Snort AI was
applied in integration with the detection technique; these were
tested against different attacks.
ACKNOWLEDGEMENT
The research was conducted by a student of the School of
Computing and Mathematics at Charles Sturt University.
References
[1] A. A. Tariq Ahamad, “Detection and Defense Mechanism against DDoS in MANET,” Indian Journal of Science and
Technology, vol. 8, no. 33, 2015.
[2] Abdulaziz Aldaej and Tariq Ahamad, “AAODV (Aggrandized Ad Hoc on Demand Vector): A Detection and
Prevention Technique for Manets,” International Journal of Advanced Computer Science and Applications (IJACSA),
vol. 11, no. 23, pp. 78-98, 2016.
[3] B. N. a. R. K. K. K Gupta, “Layered Approach Using Conditional Random Fields for Intrusion Detection,” IEEE
Transactions on Dependable and Secure Computing, vol. 7, no. 1, pp. 35-49, 2010.
[4] R. S. M. U. a. E. K. S. Ranjan, “DdoS-Resilient Scheduling to Counter Application Layer Attacks under Imperfect
Detection,” IEEE, London, 2014.
[5] T. A. Ahanger, “An Effective Approach of Detecting DDoS Using Artificial Neural Networks,” IEEE International
Conference on Wireless Communications, Signal Processing and Networking, vol. 23, no. 12, pp. 345-367, 2017.
[6] A. A. Tariq Ahamad, “Hybrid Approach Using Intrusion Detection Systems,” International Journal of Engineering
Research & Technology, vol. 3, no. 2, pp. 234-237, 2014.
[7] M. T. M., “Machine Learning,” Hill Science/Engineering/Math, vol. 1, no. 0, pp. 52-78, 2007.
[8] P. D. Q. a. Z. F. C. Z. F. Chen, “Application of PSO-RBF Neural Network in Network Intrusion Detection,” 2009 3rd
International Symposium on Intelligent Information Technology Application, vol. 3, no. 1, pp. 362-364, 2009.
[9] C. Jie-Hao, C. Feng-Jiao and Zhang, “DDoS defense system with test and neural network,” IEEE International
Conference on Granular Computing, vol. 11, no. 13, pp. 38-43, 2012.
[10] I. F. A. a. I. H. Kasimoglu, “Wireless sensor and actor networks: research challenges,” to be published, Ad Hoc
Networks, 2004.
[11] D. E. L. G. a. J. H. N. Bulusu, International Symposium on Communication Theory and Applications (ISCTA),
Ambleside, London UK, 2011.
[12] “Detecting DoS and DDoS Attacks Using Chi-Square,” Fifth International Conference on Information Assurance and
Security, vol. 5, no. 3, pp. 18-20, 2009.
[13] M. Pino, “Theoretical & Practical Introduction to Self Organization using JNNS,” University of Applied Sciences,
Brandenburg, 2008.
[14] T. Jayalakshmi and Santhakumaran, “Statistical Normalization and Back Propagation for Classification,”
International Journal of Computer Theory and Engineering, vol. 3, no. 1, pp. 89-93, 2011.
[15] M. Roesch, “Snort (Version 2.9),” Open Source Project, 1998. [Online]. Available: http://www.snort.org. [Accessed 2
May 2018].
[16] X. Xu, D. Wei and Y. Zhang, “Improved Detection Approach for Distributed Denial of Service Attack Based on
SVM,” Third Pacific-Asia Conference on Circuits, Communications and Systems, vol. 4, no. 5, pp. 1-3, 2011.