Autonomous Agent for DDoS Attack Detection and Defense in an Experimental Testbed

Distributed Denial of Service (DDoS) attacks impinge on the availability of critical resources in the Internet domain. The objective of this paper is to develop an autonomous agent based DDoS defense in real time without human intervention. A mathematical model based on Lanchester law has been designed to examine the strength of DDoS attack and defense group. Once attack strength is formulated efficient defense mechanism is deployed at the victim to block malicious flows. The proposed framework is validated in an experimental testbed with geographically distributed testbed nodes. From the experimental results, the strength of attack group is observed as 49%. The defense strength of Hop Count Filtering mechanism is obtained as 31.3% whereas the proposed Hybrid Model defense effectiveness is computed as 48.7%. Also, Adaptive Bandwidth Management (ABM) using fuzzy inference system provides sustainable bandwidth to legitimate users by providing low bandwidth share for attackers. The proposed autonomous agent based model defends against DDoS attack in various aspects like prevention of IP spoofing, effective bandwidth management, improvement of Quality of Service provisioning, availability of services to legitimate clients and protecting critical infrastructure points. The defense mechanism paves way to Critical Information Infrastructure Protection.