Title: Combat model-based DDoS detection and defence using experimental testbed: a quantitative approach

Authors: G. Preetha; B.S. Kiruthika Devi; S. Mercy Shalinie

Addresses: Department of Computer Science and Engineering, Thiagarajar College of Engineering, Madurai 625015, India; Department of Computer Science and Engineering, Thiagarajar College of Engineering, Madurai 625015, India; Department of Computer Science and Engineering, Thiagarajar College of Engineering, Madurai 625015, India

Abstract: A basic model for DDoS detection and prevention needs to be developed, primarily to analyse the relationship between attacker and defender. Research in DDoS attacks is focused mainly on qualitative modes rather than quantitative analysis. The proposed work incorporates the Lanchester combat model to quantify the attacker strength, thereby giving a clear picture of how secure a DDoS defence system should be and what level of effectiveness is required to mitigate the attack. The work model is divided into an online monitoring system (OMS), where network anomalies are monitored using various performance metrics, and an offline training system (OTS), which differentiates spoofed traffic from normal traffic using the hop count filtering (HCF) defence algorithm. The proposed work opens a new platform for researchers to know a priori what defence strategy should be employed for what kind of DDoS attack. The implementation is carried out on a distributed testbed built on GNU/Linux machines.

Keywords: DDoS detection; analytical modelling; testbed; distributed DoS; denial-of-service; DDoS attacks; combat models; attacker strength; DDoS defence; security; online monitoring; offline training; hop count filtering.

DOI: 10.1504/IJIEI.2011.044097

International Journal of Intelligent Engineering Informatics, 2011 Vol.1 No.3/4, pp.261 - 279

Received: 26 Feb 2011
Accepted: 17 May 2011

Published online: 28 Feb 2015
