Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

A Novel DDoS Floods Detection and Testing Approaches for Network Traffic based on Linux Techniques

Author 1: Muhammad Tahir
Author 2: Mingchu Li
Author 3: Naeem Ayoub
Author 4: Usman Shehzaib
Author 5: Atif Wagan

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2018.090248

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 9 Issue 2, 2018.

Abstract: In Today’s Digital World, the continuous interruption of users has affected Web Servers (WSVRs), through Distributed Denial-of-Service (DDoS) attacks. These attacks always remain a massive warning to the World Wide Web (WWW). These warnings can interrupt the accessibility of WSVRs, completely by disturbing each data processing before intercommunication properties over pure dimensions of Data-Driven Networks (DDN), management and cooperative communities on the Internet technology. The purpose of this research is to find, describe and test existing tools and features available in Linux-based solution lab design Availability Protection System (Linux-APS), for filtering malicious traffic flow of DDoS attacks. As source of malicious traffic flow taken most widely used DDoS attacks, targeting WSVRs. Synchronize (SYN), User Datagram Protocol (UDP) and Internet Control Message Protocol (ICMP) Flooding attacks are described and different variants of the mitigation techniques are explained. Available cooperative tools for manipulating with network traffic, like; Ebtables and Iptables tools are compared, based on each type of attacks. Specially created experimental network was used for testing purposes, configured filters servers and bridge. Inspected packets flow through Linux-kernel network stack along with tuning options serving for increasing filter server traffic throughput. In the part of contribution as an outcomes, Ebtables tool appears to be most productive, due to less resources it needed to process each packet (frame). Pointed out that separate detecting system is needed for this tool, in order to provide further filtering methods with data. As main conclusion, Linux-APS, solutions provide full functionality for filtering malicious traffic flow of DDoS attacks either in stand-alone state or combined with detecting systems.

Keywords: DDoS attacks; floods detection; Linux-APS architecture; mitigation techniques; network traffic; netfilter; testing approaches

Muhammad Tahir, Mingchu Li, Naeem Ayoub, Usman Shehzaib and Atif Wagan, “A Novel DDoS Floods Detection and Testing Approaches for Network Traffic based on Linux Techniques” International Journal of Advanced Computer Science and Applications(IJACSA), 9(2), 2018. http://dx.doi.org/10.14569/IJACSA.2018.090248

@article{Tahir2018,
title = {A Novel DDoS Floods Detection and Testing Approaches for Network Traffic based on Linux Techniques},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2018.090248},
url = {http://dx.doi.org/10.14569/IJACSA.2018.090248},
year = {2018},
publisher = {The Science and Information Organization},
volume = {9},
number = {2},
author = {Muhammad Tahir and Mingchu Li and Naeem Ayoub and Usman Shehzaib and Atif Wagan}
}

IJACSA

Upcoming Conferences

IntelliSys 2021

2-3 September 2021

Future Technologies Conference (FTC) 2021

28-29 October 2021

Future of Information and Communication Conference (FICC) 2022

3-4 March 2022

Computing Conference 2022

14-15 July 2022