—Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are attempts to make a server resources unavailable to its intended users. SYN flooding attack is one type of DDoS attack. In SYN flooding attack, the attacker sends flood of SYN packets to victim server. This paper focus on effective detection of SYN flooding attack. The aim of this paper is to compare the results of detection of DDoS attack in both centralized and distributed approaches. The proposed approach is distributed detection of DDoS attack which reduces traffic in the network and load on server which is very high in centralized detection. The experiments are conducted in Network Simulator 2 (NS2) to validate our distributed detection of DDoS attack . The experiments are conducted in Centralized and Distributed approaches. The total actual victims found by centralized approach is 78.75 % and the total number of actual victims found by our distributed approach is 77.5 %. In both centralized and distributed approaches the results matched well. The traffic in network and load on the central DDoS monitor in our distributed approach is less, which encourages research in distributed detection of SYN flooding attack instead of centralized approach.
—DDoS Attack and SYN flooding attack.
Santhosh Kumar Karre is with IBM India Software Labs, Bangalore, India. As part of my job at IBM, I am involved in Network management product development.
Cite:Santhosh Kumar Karre, "Distributed Detection of DDoS Attack," International Journal of Future Computer and Communication vol. 2, no. 6, pp. 628-632, 2013.