Enhancing Security by Preventing DoS and DDoS Attack using Hybrid Approach
Objectives: Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks are critical threats to network security. To counter these attacks, the existing system uses a puzzle scheme called the software puzzle. However, when a malicious user tries to solve the puzzle, the graphics processing unit (GPU) present in the computer decreases the effect of the client puzzle.

Methods: In this method the puzzle algorithm is generated randomly based on the client request. Once the request is received, the server generates the puzzle with a random key; the client receives the puzzle, processes it and generates the solution, and the server verifies it. The existing system has two drawbacks. First, the puzzle does not contain a time period, so the attacker can hack the key at any time and flood the server with malicious requests. Second, as DDoS attacks increase, the puzzle difficulty must also be increased, and the computation cost increases with the difficulty level.

Findings: To overcome this, the proposed method uses an encrypted one-time password (OTP): the server generates an encrypted OTP based on a hash function and a salt and sends it to the client, and the client decrypts the OTP. Based on the decrypted value, the client types the password and sends it to the server, which checks the password against the mapped value. Another advantage of the proposed method is that it allows each user only three attempts to enter a wrong password; on the fourth attempt a puzzle is generated, which the user has to solve and the server checks. Puzzle solving is used to check whether the user is malicious or a genuine client; in this way security is improved and denial-of-service attacks are reduced.

Applications: This approach increases website security, reduces the attacker's chance of hacking and flooding the server with malicious requests, and allows only genuine users to access the website through the encrypted OTP and puzzle approach.
Keywords: Distributed-Denial-of-Service, Encrypt, Hash Function, One-time-Password, Salt, Software Puzzle.
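The flow described under Findings (salted-hash OTP check, three wrong passwords allowed, a puzzle on the fourth attempt) can be sketched as follows. This is an added example, not code from the paper. Assumptions: a SHA-256 leading-zero-bits puzzle stands in for the software puzzle, the puzzle carries an expiry because the abstract names the missing time period as a drawback, the encrypted delivery of the OTP to the client is left out, and all names and constants except the three-attempt limit are hypothetical.

```python
import hashlib, hmac, os, secrets, time
MAX_WRONG = 3        # wrong passwords allowed before a puzzle is demanded (from the abstract)
PUZZLE_TTL = 30      # seconds a puzzle stays valid (assumed value)
PUZZLE_BITS = 12     # leading zero bits required in the puzzle hash (assumed difficulty)

def puzzle_ok(nonce, solution):
    h = hashlib.sha256(nonce + solution).digest()
    return int.from_bytes(h, "big") >> (256 - PUZZLE_BITS) == 0

def solve(nonce):
    """Client side: try counters until the hash has PUZZLE_BITS leading zero bits."""
    i = 0
    while not puzzle_ok(nonce, i.to_bytes(8, "big")):
        i += 1
    return i.to_bytes(8, "big")

class HybridGate:
    def __init__(self):
        self.users = {}  # user -> salt, OTP digest, wrong-attempt count, outstanding puzzle

    def issue_otp(self, user):
        otp = f"{secrets.randbelow(10**6):06d}"
        salt = os.urandom(16)
        digest = hashlib.sha256(salt + otp.encode()).digest()  # only the salted hash is stored
        self.users[user] = {"salt": salt, "digest": digest, "wrong": 0, "puzzle": None}
        return otp  # would be sent to the client encrypted; transport is out of scope here

    def issue_puzzle(self, user, now=None):
        now = time.time() if now is None else now
        nonce = os.urandom(16)
        self.users[user]["puzzle"] = (nonce, now + PUZZLE_TTL)
        return nonce

    def login(self, user, otp, solution=None, now=None):
        now = time.time() if now is None else now
        st = self.users[user]
        if st["wrong"] >= MAX_WRONG:             # fourth attempt onward: puzzle first
            if st["puzzle"] is None or solution is None:
                return "puzzle_required"
            nonce, expires = st["puzzle"]
            st["puzzle"] = None                  # each puzzle is single use
            if now > expires or not puzzle_ok(nonce, solution):
                return "puzzle_failed"
        digest = hashlib.sha256(st["salt"] + otp.encode()).digest()
        if hmac.compare_digest(digest, st["digest"]):
            del self.users[user]                 # the OTP is valid once only
            return "ok"
        st["wrong"] += 1
        return "wrong_password"
```

The puzzle check runs before the OTP comparison, so a client that has used up its three attempts pays the puzzle cost on every further guess, and a solution submitted after `PUZZLE_TTL` is rejected even if it is correct.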
This work is licensed under a Creative Commons Attribution 3.0 License.