Title: Triple DoS: DDoS defence and traceback

Authors: Alex Doyal; Justin Zhan

Addresses: Department of Computer Science, North Carolina A&T State University, 1601 East Market Street, Greensboro NC, 27410, USA ' Department of Computer Science, North Carolina A&T State University, 1601 East Market Street, Greensboro NC, 27410, USA

Abstract: Distributed denial of service (DDoS) attacks occur when a host of compromised systems are used to target a single system. This single system can be either an actual machine or a network resource. These attacks are prevalent and hard to deal with because they are distributed. They come from many machines, making them hard to trace and even harder to counter. There are also a host of tools available which make it easier for an attacker to launch a DDoS attack. This ubiquity is increasing the level of difficulty related to defending against these attacks. This paper proposes a mechanism, DDDoS, or triple DoS, to deal with DDoS attacks on the internet layer. There are registration and authentication protocols to connect clients and servers so that an unregistered client cannot access the network and flood it with traffic. The triple DoS service will be activated only when a DDoS attack is detected (using clustering), and it will ensure that registered clients and servers can always communicate. It includes a tracing mechanism to allow the originator of the DDoS attack to be identified.

Keywords: DoS attacks; denial of service; distributed DoS; DDoS; traceback; information assurance; defence; cyber attacks; triple DoS; network security; authentication protocols; registration protocols; intrusion detection.

DOI: 10.1504/IJIPSI.2013.058206

International Journal of Information Privacy, Security and Integrity, 2013 Vol.1 No.4, pp.299 - 311

Published online: 19 Jul 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article