BITS Faculty Publications

Permanent URI for this community: http://localhost:4000/handle/123456789/1867

Search Results

Now showing 1 - 4 of 4
  • Item
    Mitigating DNS Amplification Attacks Using a Set of Geographically Distributed SDN Routers
    (IEEE, 2018) Gupta, Vishal
    Large DNS amplification attacks which overwhelm the victim's network bandwidth are a serious problem. In this paper, we propose a solution which can protect networks from these large DNS amplification attacks. The solution involves a set of geographically distributed routers, called a Barrier of Routers (BoR). Networks which want to protect themselves will route all their incoming and outgoing traffic through this barrier. The barrier scans all incoming traffic, drops attack traffic and sends the rest to the intended recipient. For some types of attacks, like DNS amplification attacks, the barrier can mitigate attack traffic with almost full accuracy under the stated achievable assumptions. Therefore, the number of attack packets reaching the victim is negligible.
  • Item
    DNS Amplification Based DDoS Attacks in SDN Environment: Detection and Mitigation
    (IEEE, 2019) Gupta, Vishal; Kulshrestha, Rakhee
    Domain Name System (DNS) amplification based Distributed Denial of Service (DDoS) attacks have been part of the Internet's history for a long time. Since the inception of the Internet protocol, several security measures, improved protocols, and hardware have been developed, but there still is not a foolproof way to avoid such DDoS attacks. Attackers have used it to congest networks and servers with the aim of disrupting services, which in turn leads to huge financial losses. The Software-Defined Network (SDN) environment has evolved as a promising alternative to legacy networks. It essentially gives the underlying network an external controller (brain) which makes respective network layer devices centrally programmable. This gives administrators absolute control over the network, to decide and take action on how each and every packet in the network should move around. It is predicted as the future of computer networking to thwart major cyberattacks with nearly full autonomy on the network. Through this research, it is intended to identify and mitigate DNS Amplification based DDoS attacks in such an environment. A middle-layer third-party solution is proposed to protect an organization's network by offloading the attack to an OpenFlow-enabled SDN network. Using a bloom filter as a defense mechanism, detection and mitigation of an attack are done.
  • Item
    Prevention and Mitigation of DNS based DDoS attacks in SDN Environment
    (IEEE, 2019) Gupta, Vishal
    A Denial-of-Service attack (DoS attack) is an attack on a network in which an attacker tries to disrupt the availability of network resources by overwhelming the target network with attack packets. In a DoS attack it is typically done using a single source, and in a Distributed Denial-of-Service attack (DDoS attack), like the name suggests, multiple sources are used to flood the incoming traffic of the victim. Typically, such attacks use vulnerabilities of the Domain Name System (DNS) protocol and IP spoofing to disrupt the normal functioning of a service provider or Internet user. The attacks involving DNS, or attacks exploiting vulnerabilities of DNS, are known as DNS based DDoS attacks. Many of the proposed DNS based DDoS solutions try to prevent/mitigate such attacks using some intelligent non-“network layer” (typically application layer) protocols. Utilizing the flexibility and programmability aspects of Software Defined Networks (SDN), via this proposed doctoral research it is intended to make the underlying network intelligent enough so as to prevent DNS based DDoS attacks.
  • Item
    DDoS Prevention: Review and Issues
    (Springer, 2021) Gupta, Vishal
    Networks connected to the Internet are always susceptible to distributed denial-of-service (DDoS) attacks. In spite of a lot of different DDoS defense mechanisms in place, DDoS attacks still happen. These mechanisms fall under the category of DDoS detection, DDoS mitigation, and DDoS prevention. Although DDoS detection and mitigation are well defined and understood terms, DDoS prevention is used with different meanings in the literature. Concerning reflection-based DDoS amplification attacks, in this paper, we define ideal prevention and true prevention. The former is an ideal situation in which primarily the security of all the Internet hosts is well up to the mark and does not allow them to become participating members of DDoS attacks, whereas the latter is a practically feasible situation in which the network itself can prevent and mitigate a DDoS attack within some fixed time interval. We also provide the literature review of DDoS prevention techniques and argue that the ones which conform to the definition of ideal prevention or true prevention are either not dynamic, are computationally expensive, or are not scalable; thus, practically not feasible.