An Efficient Analytical Solution to Thwart DDoS Attacks in Public Domain
This addresses DDoS attacks in public networks, offering a scalable and efficient solution for network security, though it appears incremental by building on existing statistical methods.
The paper tackles DDoS attack detection by proposing an analytical model that monitors traffic changes in public domains, achieving a drastic improvement in detection and false positive rates. It also introduces a distributed cooperative technique to reduce memory and computational overheads by distributing tasks to edge routers.
In this paper, an analytical model for DDoS attacks detection is proposed, in which propagation of abrupt traffic changes inside public domain is monitored to detect a wide range of DDoS attacks. Although, various statistical measures can be used to construct profile of the traffic normally seen in the network to identify anomalies whenever traffic goes out of profile, we have selected volume and flow measure. Consideration of varying tolerance factors make proposed detection system scalable to the varying network conditions and attack loads in real time. NS-2 network simulator on Linux platform is used as simulation testbed. Simulation results show that our proposed solution gives a drastic improvement in terms of detection rate and false positive rate. However, the mammoth volume generated by DDoS attacks pose the biggest challenge in terms of memory and computational overheads as far as monitoring and analysis of traffic at single point connecting victim is concerned. To address this problem, a distributed cooperative technique is proposed that distributes memory and computational overheads to all edge routers for detecting a wide range of DDoS attacks at early stage.