Enjoy a 20% Discount on all IGI Global Books Browse Titles

Special Offers
- 20% Discount On All IGI Global Published Book Products Through the Online Bookstore
  In response to rapid inflation and global currency fluctuations, and in our continued effort to make diverse, equitable, and inclusive research more accessible, IGI Global is now offering a 20% discount on hardcover print book and e-book purchases through June 30, 2023, directly on IGI Global’s Online Bookstore. Hosted on the InfoSci^® platform, these titles feature no DRM, no additional cost for multi-user licensing, no embargo of content, full-text PDF & HTML format, and more. Discount is automatically added at checkout.
  Browse Titles
- 20% Discount on All IGI Global E-Book Purchases Through GOBI
  GOBI is currently offering a 20% discount on IGI Global e-Book purchases on GOBI (Publisher Direct), through June 30, 2023. A direct link to GOBI can be found on each book's webpage of the IGI Global Online Bookstore.
  Browse GOBI
- 20% Discount on All IGI Global E-Book Purchases Through OASIS
  OASIS is currently offering a 20% discount on IGI Global e-Book purchases (Publisher Direct) until June 30, 2023. A direct link to OASIS can be found on each book's webpage of the IGI Global Online Bookstore.
  Browse OASIS
- 20% Discount on All IGI Global E-Book Purchases Through Rialto
  Rialto is currently offering a 20% discount on IGI Global e-Book purchases (Publisher Direct) until June 30, 2023.
  Browse Books
- IGI Global E-Book Offer Through Proquest E-Book Central
  Right now, receive Unlimited Multi-User Licensing at the Single User price with no mark-up for all IGI Global e-books acquired on ProQuest's e-Book Central platform until June 30, 2023.
  Browse e-Book Central
- IGI Global e-Book Offer Through EBSCOhost
  Right now, receive Unlimited Multi-User Licensing at the Single User price with no mark-up for all IGI Global e-books acquired on EBSCOhost until June 30, 2023.
  Browse EBSCOhost
- Limited Time Offer: Retrospective Open Access is Discounted 20%
  Access and convert your previously published work through your through your IGI Global Portal Account. For a limited time, IGI Global is offering a 20% discount on all Retrospective Open Access conversions through June 30, 2023.
  Learn More
Books
- - Books by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Books by Field
Journals
- - Journals
  - OnDemand Journal Articles
  - Journals by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Journals by Field
e-Collections
Open Access
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - K-12 Online Learning Collection
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - COPE Membership
  - Fair Use Policy
  - Open Access Publishing
  - FAQ
Catalogs
About Us
Newsroom

Security Integration in DDoS Attack Mitigation Using Access Control Lists

Sumit Kumar Yadav, Kavita Sharma, Arushi Arora

Source Title: Research Anthology on Combating Denial-of-Service Attacks

DOI: 10.4018/978-1-7998-5348-0.ch011

OnDemand:

(Individual Chapters)

Available

$29.50

Current Special Offers

No Current Special Offers

Abstract

In this article, the authors propose a DDoS mitigation system through access list-based configurations, which are deployed at the ISP (Internet Service Provider's) edge routers to prohibit DDoS attacks over ISPs' networks traffic. The effectiveness of the proposed system relies heavily on the willingness of ISPs in implementing the system. Once each ISP implements the system, most attacks can easily be stopped close to their point of origin. The main challenge is to implement such a system with the fixed amount of memory and available processing power with routers. A coordinated effort by participating ISPs filters out attacks close to their source, reducing the load on other routers. The suspicious traffic is first filtered out based on their source IP address. The authors also implemented the WRED algorithm for their case and conduct GNS3 experiments in a simulated environment.

Chapter Preview

Top

Types Of Attacks

In this section, the two categories of DDoS attacks are explained in addition to DDoS attack taxonomy and well-known attacks.

Bandwidth Attacks

When a large amount of traffic is sent to the host or target network, an attack is carried out. This attack causes overuse of network bandwidth, memory or processing resources. If such traffic is left uncontrolled, devices in the target path such as routers, servers and firewalls can fail. In packet-flooding attack (a type of bandwidth attack) a large number of seemingly legitimate - UDP (User Datagram Protocol) or TCP (Transmission Control Protocol), ICMP (Internet Control Message Protocol) - packets are sent to a specific destination. These packets may misrepresent their source IP (Internet Protocol) address to make detection even more difficult and lead to “spoofing”. An approach MULTOPS (MUlti-Level Tree for Online Packet Statistics) was proposed for bandwidth attack detection (Gil & Poletto, 2001). A framework based on header count, ramp-up behaviour and other techniques are used to classify DoS attacks (Hussain, Heidemann & Papadopoulos, 2003).

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference

Security Integration in DDoS Attack Mitigation Using Access Control Lists

Abstract

Types Of Attacks

Bandwidth Attacks

Complete Chapter List