Abstract
In this paper we present a complete framework for detection and mitigation of different types of commonly seen deadly DDoS attacks. The system assumes bi-directional traffic information at an edge router to detect and mitigate the attacks. A router might not always see the outgoing traffic corresponding to the incoming traffic carried by the router and which has always been a problem for other approaches which assume bi-directionality of the traffic in the monitoring point. We introduce an agent-based technique which enables each edge router to validate the bi-directional nature of effectiveness of our detection and mitigation the incoming traffic passing through them. We present several experiments demonstrating the system. Also, we introduce a packet marking scheme called as XORID, which can be used to defend against spoofing based DDoS attacks.
Additional information
Notes on contributors
![](/cms/asset/c29bd8c0-2d55-4aeb-8944-2be672ef9361/tijr_a_1604173_ilg0001.gif)
Ram Charan Baishya
Ram Charan Baishya is a PhD student in the Department of Computer Science and Engineering at Tezpur University. His area of research includes network security and machine learning.E-mail: [email protected]
![](/cms/asset/7ce61030-076b-4095-8d2d-476ee6015be4/tijr_a_1604173_ilg0002.gif)
D. K. Bhattacharyya
Dhruba Kr Bhattacharyya received his PhD in computer science from Tezpur University in 1999. He is a professor in the Computer Science & Engineering Department at Tezpur University. His research areas include data mining,network security and content based image retrieval. Prof Bhattacharyya has published 220+ research papers in the leading international journals and conference proceedings. In addition, Dr Bhattacharyya has written/edited 10 books. He is a Programme Committee/Advisory Body member of several international conferences/ workshops. Corresponding author. E-mail: [email protected].