Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

rajesh swarupa

69 views

Published on

  • Be the first to comment

rajesh swarupa

  1. 1. An Efficient DynamicAn Efficient Dynamic Router Approach toRouter Approach to DefeatDefeat “DDOS Attack“DDOS Attack ”” Presentation byPresentation by B. Rajeswara Reddy,B. Rajeswara Reddy, N.V.S.L. Swarupa.N.V.S.L. Swarupa.
  2. 2. ContentsContents Denial-of-Service attacksDenial-of-Service attacks Necessity for solutionNecessity for solution Cooperative Technological SolutionsCooperative Technological Solutions Existing SolutionExisting Solution Proposed SolutionProposed Solution ConclusionConclusion
  3. 3. Denial-of-ServiceDenial-of-Service  Attempt to makeAttempt to make resources unusable toresources unusable to intended usersintended users  Largest threat faced byLargest threat faced by present day internetpresent day internet  More among SocialMore among Social Networking SitesNetworking Sites  If more attackers itIf more attackers it becomes DDoSbecomes DDoS
  4. 4. Necessity For SolutionNecessity For Solution Media: 2.8% lossMedia: 2.8% loss Two StagesTwo Stages Recruiting ZombiesRecruiting Zombies Flooding VictimFlooding Victim DrawbackDrawback Service DelaysService Delays Dynamic RouterDynamic Router Approach.Approach. Mechanism of DDoS attacks.
  5. 5. COOPERATIVE TECHNOLOGICALCOOPERATIVE TECHNOLOGICAL SOLUTIONSSOLUTIONS TO “DDOS ATTACKS”TO “DDOS ATTACKS” ComponentsComponents 1.1. Internet CoreInternet Core 2.2. Internet CloudInternet Cloud 3.3. Edge of InternetEdge of Internet 4.4. Servers and ClientsServers and Clients Service By D.S.C.Service By D.S.C. 1.1. Direct CommunicationDirect Communication 2.2. Cache CommunicationCache Communication 1.Digital Supply Chain The digital supply chain.
  6. 6. Steps in CooperativeSteps in Cooperative Filtering:Filtering: 1.1. AlarmingAlarming 2.2. TracingTracing 3.3. FilteringFiltering Simple ApproachSimple Approach  Delete Same IPDelete Same IP PacketsPackets Ban IP spoofingBan IP spoofing The process of cooperative filtering. a. Cooperative Filtering
  7. 7. b. Cooperative Cachingb. Cooperative Caching  Draw Backs of FilteringDraw Backs of Filtering  ExpensiveExpensive  Legal Packets LostLegal Packets Lost  Traffic Shared By RoutersTraffic Shared By Routers  Routing Tables NeededRouting Tables Needed  Bandwidth efficientlyBandwidth efficiently Utilized.Utilized.  Combining both resultsCombining both results in Effective Performancein Effective Performance Fig Cooperative Caching
  8. 8. Incentive ChainIncentive Chain  Major Sources ForMajor Sources For Digital Content flowDigital Content flow  End Users DemandEnd Users Demand  ICP’s DemandICP’s Demand  Chain links all parties forChain links all parties for end to end transmissionend to end transmission
  9. 9. Broken Incentive ChainBroken Incentive Chain  Lack of IncrementalLack of Incremental Payment Structure andPayment Structure and Failure of CooperativeFailure of Cooperative FilteringFiltering  Have unused residueHave unused residue bandwidthbandwidth  Cost and Benefits for ISPCost and Benefits for ISP in Cooperative Filteringin Cooperative Filtering  Payment to ISP’sPayment to ISP’s  With Congestion noWith Congestion no profit to ISP’sprofit to ISP’s Fig 3: Incentive Chain
  10. 10. Broken Incentive ChainBroken Incentive Chain  Caches on the Edge of the Internet: InaccessibleCaches on the Edge of the Internet: Inaccessible TreasuresTreasures  Missisippi rule For Cooperative CachingMissisippi rule For Cooperative Caching  Cost efficient than FilteringCost efficient than Filtering  Reasons for breaking incentive chainReasons for breaking incentive chain  ICP’s does not provide money for cachingICP’s does not provide money for caching  Resource becomes inactiveResource becomes inactive  ICP’s not sure about DDoS: No PaymentICP’s not sure about DDoS: No Payment
  11. 11. Existing Soln: Capacity ProvisionExisting Soln: Capacity Provision NetworkNetwork  Network of CacheNetwork of Cache ServersServers  Demand side CacheDemand side Cache tradingtrading  Owner of ISP playsOwner of ISP plays main role in it.main role in it.  Dilution of traffic by theDilution of traffic by the best Cachebest Cache
  12. 12. Proposed SolutionProposed Solution Difficult to locateDifficult to locate origin of attackorigin of attack Request ConstraintsRequest Constraints Size: 2GBSize: 2GB Fields: 100Fields: 100 Check header info, atCheck header info, at first routerfirst router Router DatabaseRouter Database Restricting Fake Packet
  13. 13. Sample Data And ResultsSample Data And Results Nodes in theNodes in the time takentime taken networknetwork 100 0.078125100 0.078125 200200 0. 1093750. 109375 300300 0.1093750.109375 400400 0.156250.15625 500500 0.156250.15625 600600 0.156250.15625 700700 0.1718750.171875 800800 0.2343750.234375 900900 0.2343750.234375 10001000 0.2656250.265625 Series 1 -200 200 400 600 800 1000 1200 1400 0.1 0.2 0.3 x y Nodes in the Network T i m e T a k e n CPN method
  14. 14. Identifying the AttackIdentifying the Attack Nodes in theNodes in the Time takenTime taken networknetwork 100 0.078125100 0.078125 200200 0.0781250.078125 300300 0.50.5 400400 0.0781250.078125 500500 0.0781250.078125 600600 0.0781250.078125 700700 0.0781250.078125 800800 00781250078125 900900 0.0781250.078125 10001000 0.0781250.078125
  15. 15. Results in Dynamic RouterResults in Dynamic Router MethodMethod No..of packets Transfer rates (No’s) (Mbps) 100 100 200 96 300 84 400 77 500 55 200 90 210 96 220 94 215 98
  16. 16. ConclusionConclusion  Previously proposed methods concentrated mostly onPreviously proposed methods concentrated mostly on determining the attack path only.determining the attack path only.  In Our proposed solution we can easily safe guard anyIn Our proposed solution we can easily safe guard any network from attack.network from attack.  Here for LAN congestion problem add theHere for LAN congestion problem add the implementation of multiple cache servers on networkimplementation of multiple cache servers on network by complex congestion control algorithm.by complex congestion control algorithm.
  17. 17. ..
  18. 18. ..

×