Abstract
Nowadays, the Distributed Denial of Service (DDoS) attack is still one of the most common and devastating security threats to the internet. This problem is progressing quickly, and it is becoming more and more difficult to grasp a global view of the problem. In this paper, we propose a new defense method used the bandwidth in second that a server can use for UDP packets is set as a parameter for controlling a DDoS attack by using the number of UDP packets available. It is registered in the private security policy as a parameter for detecting a flood attack. The efficiency of our proposed method was also proved in the experiments with NS2. DDoS attack is controlled effectively by the private security policy the bandwidth of the regular traffic would be maintained.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Deepika Mahajan and Monika Sachdeva (2013). DDoS Attack Prevention and Mitigation Techniques—A Review. International Journal of Computer Applications 67(19):21–24. Published by Foundation of Computer Science, USA.
Arun Raj Kumar et al (2009), Distributed Denial-of-Service Threat in Collaborative Environment A Survey on DDoS Attack Tools and Traceback Mechanisms, IEEE International Advance Computing Conference (IACC 2009) Patiala, India.
Pack, G., Yoon, J., Collins, E., Estan, C. (2006). On Filtering of DDoS Attacks Based on Source Address Prefixes. The Securecomm and Workshops, Baltimore. doi:10.1109/SECCOMW.2006.359537.
David, D. (2007). Prevent IP spoofing with the Cisco IOS. Retrieved from http://www.techrepublic.com/article/prevent-ip-spoofing-with-the-cisco-ios.
Lu, W. et al (2009). One-Way Queuing Delay Measurement and Its Application on Detecting DDoS Attack. Journal of Network and Computer Applications, 32(2), 367–376.
Rui, X., Li, M., Ling, Z. (2009). Defending against UDP Flooding by Negative Selection Algorithm Based on Eigenvalue Sets. International Conference on Information Assurance and Security.
Rao, S. (2011). Denial of Service Attacks and Mitigation Techniques: Real Time Implementation with Detailed Analysis. Retrieved from http://www.sans.org.
Mohd, Z. et al (2011). Protocol Share Based Traffic Rate Analysis (PSBTRA) for UDP Bandwidth Attack. Paper presented at the International Conference on Informatics Engineering and Information Science, Kuala Lumpur.
Kaur, D., Sachdeva, M., Kumar, K. (2012). Study of DDoS Attacks Using DETER Testbed. Journal of Computing and Business Research, 3(2), 1–13.
The Network Simulator NS2, http://www.isi.edu/nsnam/ns.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer India
About this paper
Cite this paper
Le, DN., Van, V.N., Giang, T.T.T. (2016). A New Private Security Policy Approach for DDoS Attack Defense in NGNs. In: Satapathy, S., Mandal, J., Udgata, S., Bhateja, V. (eds) Information Systems Design and Intelligent Applications. Advances in Intelligent Systems and Computing, vol 435. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2757-1_1
Download citation
DOI: https://doi.org/10.1007/978-81-322-2757-1_1
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2756-4
Online ISBN: 978-81-322-2757-1
eBook Packages: EngineeringEngineering (R0)