An Efficient Source Information based Filtering Scheme for DDOS Attacks

These days, Internet is the most essential medium for communication which is used by many users across the Network. Together, its commercial nature is causing enhance vulnerability to increase cyber crimes and there has been an immeasurable raise in the number of Distributed Denial of Service (DDOS) attacks on the internet over the past decade. Resources of network such as web servers, network bandwidth and network switches are generally the victims of DDoS attacks. DDoS attack tools employed a lot of IP address spoofing. The majority of the recent research on DDoS attack packet filtering depends on cooperation among routers, which is tough to attain in real campaigns. Hence, in this paper to defend against various source IP address spoofing a novel filtering scheme is proposed based on source information. The proposed scheme works autonomously at the potential victim side, and gathers the source information of its clients, for instance, source IP addresses, skips from the server during attacks free period. When a DDoS attack alarm is raised, the attack packets can be f i lt e r ed based on the ga t her ed d knowledge of the legitimate clients. The source IP addresses is divided into n (1 ≤ n ≤ 32 ) segments in the proposed algorithm; based on result, the challenge storage can be released and speed up the process of information retrieval. The proposed system and the experiments show that the method works effectively and efficiently.