THROTTLE BASED APPROACH TO MITIGATE DISTRIBUTED DENIAL OF SERVICE ATTACK

Abstract

Distributed Denial of Service (DDOS) is one of the most significant kind of security threats in the internet. Through this form of attack the available resources are engaged to such a level that it ceases to provide service to the legitimate users. Internet services have been the major victim of various forms of this attack with complete network faces sharp reduction in performance. Distributed Denial of Service Attack has recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the internet. In this report an overview of the DDOS problem attack, defence principle and how the gap between the problem and the possible mitigation could be resolved through the application of queuing mechanism over optimum throttle algorithm has been proposed. Here we describe a novel framework that deals with the detection of variety of DDOS attacks by monitoring propagation of abrupt traffic changes inside the Network and then characterizes flows that carry attack traffic. Work in the Report targets a network architecture and accompanying algorithms for countering denial-ofservice (DOS) attacks directed at an Internet Server. The basic mechanism is for a server under stress to install a router throttle at selected upstream routers. The throttle mechanism would be highly effective in preferentially dropping attacker traffic over good user traffic. In this project we have aimed to propose an algorithm, which mitigates the above described Distributed denial of service attacks and tries to lessen the impact of these attacks.