Abstract
As the number of users in the internet is increasing rapidly, various attacks are becoming an important issue which needs to be analyzed at the earliest. There exist various attacks like, ARP poisoning, IP spoofing, Denial of Service (DOS) etc. Now-a-days one of the major threats on the internet is Denial of Service (DOS) attack. As this attack slows down a particular system, the resources of that system becomes unavailable to others. DOS attack is mounted by consuming the resources of the victim system. By doing this, it can no longer provide the normal service to others. As the universe of DOS attack is large, there exists various different kind of DOS attacks like Distributive DOS attack, Low rate DOS attack etc. In this paper we have proposed a simple hashing based authentication technique which can protect computers from different DOS attacks. The main contribution of this paper is that, here prior to making a connection between source and destination, an authentication must take place at network layer. So before sending a packet to upper layer protocol such as TCP or UDP, this technique will ensure the authentication of the source in network layer. Here a Hash based DOS Attack Analyzer (HDAA) is used whose main job is to capture the packets in the network layer and perform an authentication. For the proposed method it is necessary for both source and destination to agree upon a set of rules and to pass the authentication process. If authentication passes, then it will deliver the data packet to upper layer protocol. If authentication does not pass then it will drop that packet and block that source address from entering the network. A thorough analysis have been made and compared with some existing techniques. The main advantage of this method lies in the application of simple hashing method in network layer which restricts the packet from entering our system initially. The computation overhead is also very less as this scheme can be implemented in network layer with respect to other techniques.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Choi, H., Lee, H., kim, H.: Fast detection and visualization of network attacks on parallel coordinates. Science Direct 28, 276–288 (2009)
Douligeris, C., Mitrokosa, A.: DDoS attacks and defense mechanisms: classification and state-of-the-art, vol. 44, pp. 643–666 (2004)
Forouzan, B.A., Fegan, S.C.: Data Communication and Networking. Tata Mgraw Hill (2007)
Priselac, D., Marijic, D., MikucM: Analysis of DoS attack method on IMS system. In: Proceedings of 33rd Intl. convention on MIPRO, Opatija, Croatia, pp. 524–527 (2010)
Efstathopoulos, P.: Practical study of a defence against Low-rate TCP-targeted DoS attack. In: Proceedings of Intl. conf. on Internet Techonology and Secured Transactions, London, pp. 1–6 (2009)
AI-Haidari, F., Sqalli, M., Hamoodi, J.: An Entropy-based Countermeasure against Intelligent DoS Attack Targeting Firewalls. In: Proceedings of IEEE International Symp. on Policies for Distributed and Network, London, pp. 41–44 (2009)
Choi, S.: DoS Resistance Multicast Authentication Protocol with Prediction Hashing and One-Way Key Chain. In: Proceedings of Seventh IEEE Intl. Symp. on Multimedia, London, pp. 524–527 (2005)
Liu, Z., Guan, L.: Attack simulation and signature extraction of low-rate DoS. In: Proceedings of Third Intl. Symp. on Intelligent Information Technology and security Informatics, China, pp. 544–548 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dasmohapatra, M.K., Datta, K., Sengupta, I. (2011). A Preventive Measure to Protect from Denial of Service Attack. In: Wyld, D.C., Wozniak, M., Chaki, N., Meghanathan, N., Nagamalai, D. (eds) Advances in Network Security and Applications. CNSA 2011. Communications in Computer and Information Science, vol 196. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22540-6_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-22540-6_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22539-0
Online ISBN: 978-3-642-22540-6
eBook Packages: Computer ScienceComputer Science (R0)