Welcome To UTPedia

We would like to introduce you, the new knowledge repository product called UTPedia. The UTP Electronic and Digital Intellectual Asset. It stores digitized version of thesis, dissertation, final year project reports and past year examination questions.

Browse content of UTPedia using Year, Subject, Department and Author and Search for required document using Searching facilities included in UTPedia. UTPedia with full text are accessible for all registered users, whereas only the physical information and metadata can be retrieved by public users. UTPedia collaborating and connecting peoples with university’s intellectual works from anywhere.

Disclaimer - Universiti Teknologi PETRONAS shall not be liable for any loss or damage caused by the usage of any information obtained from this web site.Best viewed using Mozilla Firefox 3 or IE 7 with resolution 1024 x 768.

Distributed Denial-of-Service Defense System

Hanasi, Lidiyawatie (2006) Distributed Denial-of-Service Defense System. Universiti Teknologi Petronas. (Unpublished)

[img] PDF
Download (1770Kb)

Abstract

Distributed denial-of-service (DoS) attacks present a great threat to the Internet, and existing security mechanisms cannot detect or stop them successfully. The problem lies in the distributed nature of attacks, which engages the power of a vast number of coordinated hosts. To mitigate the impacts of DDoS attacks, it is important to develop such defenses system that canbothdetect andreact against ongoing attacks. The attacks ideally should be stopped as close to the sources as possible, saving network resources andreducing congestion. The DDoS defense system that is deployed at the source-end should prevent the machines at associated network from participating in DDoS attacks. The primary objective of this project, which is developing a DDoS defense system, is to provide good service to a victim's legitimate clients during the attack, thus canceling the denial-of-service effect. The scope of study will coverthe aspect of howthe attack detection algorithms work and identify the attack traffic, hence develop appropriate attack responses. As a source-end defense against DDoS attacks, the attack flows can be stopped before they enter the Internet core and before they aggregate with other attack flows. The methodology chosen for this project is the combination of sequential and iterative approaches of the software development process, which comprises of six main phases, which are initial planning phase, requirement definition phase, system design phase, coding and testing phase, implementation phase, and lastly maintenance and support phase. The system used a source router approach, in which the source router serves as a gateway between the source network containing some of the attack nodes and the rest of the Internet, to detectand limitDDoS streams long before they reach the target. This will be covered in the Findings section of the report. TheDiscussion section will be focus more onthe architecture onthe system, which having three important component; observation, rate-limiting and traffic-policing.

Item Type: Final Year Project
Academic Subject : Academic Department - Information Communication Technology
Subject: Z Bibliography. Library Science. Information Resources > ZA Information resources
Divisions: Sciences and Information Technology > Computer and Information Sciences
Depositing User: Users 2053 not found.
Date Deposited: 27 Sep 2013 10:58
Last Modified: 25 Jan 2017 09:46
URI: http://utpedia.utp.edu.my/id/eprint/6914

Actions (login required)

View Item View Item

Document Downloads

More statistics for this item...