Mitigation of application DDoS attacks using ASNRI scheme for IP and MAC frames

Abstract

With increasing trend in application services on large-scale internet scenario of both wired and wireless interface, intimidation to restrain the application service by Distributed Denial of Service (DDoS) attacks become a high-flying issue. Most of the present DDoS attacks resistance method work on application services in wired network and wireless network individually. No method is offered herewith for the two kinds of networks up to now. Though the present internet application services must switch between wired and wireless platform, well-matched resistance method for Distributed Denial of Service attacks have to be coined for better security which is the present requirement in the environment. With these issues in mind, the proposed model develops counter mechanism to mitigate the potency of the resource attacks and evaluate the efficacy. Application Service Network Request Identification (ASNRI) scheme is presented to provide an apparent demarcation of wired service and wireless services request, which is then fed to the Bayes packet classifier for its associated denial of service attack characteristics. From the Bayes packet classifier, resistance filters are stimulated to restrict denial of service attacks in the respective platform, that is., wired or wireless. The simulation of the proposed ASNRI scheme is conducted with NS-2 simulator to show its effectiveness of restricting Distributed Denial of Service attacks in terms of RESPONSE TIME, APPLICATION SERVICE THROUGHPUT, LOAD VARIANCE in the application server.