The New Jersey Institute of Technology's
Electronic Theses & Dissertations Project

Title:	An autonomous router-based solution to detect and defend low rate DDoS attacks
Author:	Anantharam, Karunakar
View Online:	njit-etd2005-002 (xiii, 56 pages ~ 5.2 MB pdf)
Department:	Department of Electrical and Computer Engineering
Degree:	Master of Science
Program:	Computer Engineering
Document Type:	Thesis
Advisory Committee:	Ansari, Nirwan (Committee chair) Rojas-Cessa, Roberto (Committee member) De, Swades K. (Committee member)
Date:	2005-01
Keywords:	Internet security Denial of service
Availability:	Unrestricted
Abstract:	Internet security was not a concern when the Internet was invented, but we cannot deny this fact anymore. Since all forms of businesses and communications are aligned to the Internet in one form or the other, the security of these assets (both infrastructure and content) is of prime importance. Some of the well known consequences of an attack include gaining access to a network, intellectual property thefts, and denial of service. This thesis focuses on countering flood-type attacks that result in denial of service to end users. A new classification of this denial of service attacks, known as the low rate denial of service, will be the crux of our discussion. The average rate of this attack is so low that most routers or victims fail to detect the attack. Thus far, no solution can counter the low rate attacks without degrading the normal performance of the Transmission Control Protocol. This work proposes a router-based solution to detect and defend low as well as high rate distributed denial of service attacks (DDoS). A per flow approach coupled with the Deterministic Packet Marking scheme is used to detect and block attack flows autonomously. The solution provides a rapid detection and recovery procedure during an attack.