By Topic

DDDOST: Distributed detection of DOS attack using timers in wireless broadband networks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
I. Diana Jeba Jingle ; Department of Computer Science and Engineering, Loyola Institute of Technology and Science, Thovalai, India ; Elijah Blessing Rajsingh

Wireless broadband networks are most vulnerable to denial-of-service attacks where attackers can disrupt legitimate communication between hosts in a network by flooding unwanted traffic between legitimate hosts. This paper proposes DDDOST, a novel approach for filtering flooding attack, the most severe denial-of-service attack that occurs at the transport layer of the internet. Flooding attack at the transport layer affects the transmission control protocol's three-way handshake process, thereby denying the services of TCP. It also denies the services of user datagram protocol. The main objective of this approach is to install local and global monitoring agents at various points in the network in order to monitor and filter real-time TCP traffic and UDP traffic thereby allowing legitimate traffic to flow in the network during attack traffic filtration process and to avoid buffer overflow at the monitoring agents. DDDOST consists of a novel agreement mechanism and a novel detection algorithm and it works taking the clock values of each node into account for effective detection of the attack which has not been used in the existing defense mechanisms. All nodes within a network are permitted to have a synchronized clock value. In the agreement mechanism, the IP address spoofing is prevented which forms the gateway for flooding attacks and once IP spoofing is prevented, the detection mechanism is carried out in detecting and filtering flooding attacks. This distributed defense mechanism reduces the burden on a single global monitoring agent thereby introducing local monitoring agents at various points in the network. The performance results show that this approach effectively and accurately detects and filters DOS attacks within a short period. The performance of this proposed mechanism has been measured in terms of time delay and false positive ratio and it is compared with existing defense mechanisms and it is found to be effective over existing defense mechanisms.

Published in:

2012 Fourth International Conference on Advanced Computing (ICoAC)

Date of Conference:

13-15 Dec. 2012