Host-based Intrusion Detection against Distributed Denial of Service Attacks

350 Abstract One of the greatest threats that network security faces nowadays is Distributed Denial of Service attacks. A newer version of the Denial of Service attack, also called Distributed Denial of Service attack or DDoS. In a distributed denialof-service (DDoS) attack, an attacker may use your computer to attack another computer. An attacker may attempt to: “flood” a network and thus reduce a legitimate user‟s bandwidth, prevent access to a service, or disrupt service to a specific system or a user. In this paper describe methods and techniques used in denial of service attacks. In this study, simulate a distributed denial of service attack using ns-2 network simulator. The detection is host based and in this simulation we have attacker and victim computer and attacker is distributed means attacker use other different computers to impose the attack on victim. This work on intrusion detection cannot prevent or defend against DDoS, it is applicable to help the security administrators detect a DDoS attack and take actions as soon as possible to avoid greater loss.