Dynamic Approach to Defend Against Distributed Denial of Service Attacks Using an Adaptive Spin Lock Rate Control Mechanism
Abstract
Problem statement: The last decade has seen many prominent Distributed Denial of Service (DDoS) attacks on high profile webservers. In this study, we deal with DDoS attacks by proposing a dynamic reactive defense system using an adaptive Spin Lock Rate control (D3SLR). D3SLR identifies malicious traffic flow towards a target system based on the volume of traffic flowing towards the victim machine. Approach: The proposed scheme uses a divide and conquer approach to identify the infected interface via which malicious traffic are received and selectively implements rate limiting based on the source of traffic flow towards victim and type of packet rather than a collective rate limiting on flow towards victim. Results: The results observed in simulation shows that D3SLR detects the onset of the attacks very early and reacts to the threat by rate limiting the malicious flow. The spin lock rate control adapts quickly to any changes in the rate of flow. Conclusion: D3SLR can be successfully implemented at critical points in the network as autonomous defense systems working independently to limit damage to the victim and also allows legitimate flows towards the target system with a higher degree of accuracy.
DOI: https://doi.org/10.3844/jcssp.2012.632.636
                                            
                                Copyright: © 2012 R. Anurekha, K. Duraiswamy, A. Viswanathan, V. P. Arunachalam, K. Ganesh Kumar and A. Rajivkannan. This is an open access article distributed under the terms of the
                                                                            Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
                                                                    
- 5,179 Views
- 3,872 Downloads
- 5 Citations
Download
Keywords
- Spin lock rate control
- adaptive rate limiting
- distributed denial of service
