FIRECOL (A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDOS ATTACKS) Shweta patil

Post on 22-Jan-2018

Page 1: Presentation1 shweta

FIRECOL (A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDOS ATTACKS)

Shweta patil

Page 2: Presentation1 shweta

INTRODUCTION

Nowadays, securing the network has become mandatory for the survival of many entities that depend on their Internet presence.

Protection against network attacks is necessary to stay in today’s global market. Denial-of-service (DoS) attacks are considered one of the main threats against computer networks.

There are two aims for DDoS attacks. The first is to consume the resources of the host, and the second is to consume the bandwidth of the network.

Distributed denial-of-service (DDoS) attacks remain a major security problem, the mitigation of which is very hard especially when it comes to highly distributed botnet-based attacks.

The early discovery of these attacks, although challenging, is necessary to protect end-users as well as the expensive network infrastructure resources.

Page 3: Presentation1 shweta

Normally, a huge set of machines is used to launch a distributed denial-of-service (DDoS) attack against a certain server or set of servers.

The attack, originating from different sources, is very hard to detect via any single border firewall or IDS as each device has only a local view. Besides, attackers try to generate packets that look like normal traffic.

On the other hand, protecting the server in the close vicinity of its network is also inefficient, because a single device is overwhelmed by having to classify every packet in the huge, concentrated volume of traffic that it receives.

Page 4: Presentation1 shweta

DISTRIBUTED DENIAL OF SERVICE

Page 5: Presentation1 shweta

“THIS IS A PROCESS IN WHICH MANY COMPUTER SYSTEMS, COMPROMISED BY A HOST, SEND USELESS DATA TO A NETWORK TO STOP INTERNET CONNECTION”

Page 6: Presentation1 shweta

EXISTING SYSTEM

Countering DDoS attacks by fighting the underlying vector, which is usually the use of botnets.

With the exponential growth of computer/network attacks, which are becoming more and more difficult to identify, the need for better and more efficient intrusion detection systems increases in step.

The main problem with current intrusion detection systems is the high rate of false alarms.

Load balancing between the traffic coming from clients and the traffic originating from the attackers is not implemented.

Page 7: Presentation1 shweta

A botnet is a large network of compromised machines (bots) controlled by one entity (the master). The master can launch synchronized attacks, such as DDoS, by sending orders to the bots via a Command & Control channel.

Page 8: Presentation1 shweta

DISADVANTAGES OF EXISTING SYSTEM

Distributed denial-of-service (DDoS) attacks remain a major security problem when implementing complex access control policies for accessing data.

Allowing huge traffic to transit through the Internet and only detecting/blocking it at the host IDS/IPS may severely strain Internet resources.

The mitigation of network delay is very hard especially when it comes to highly distributed botnet-based attacks.

Page 9: Presentation1 shweta

PROPOSED SYSTEM

This paper proposes FireCol, a scalable solution for the early detection of flooding DDoS attacks. Belief scores are shared within a ring-based overlay network of IPSs. Detection is performed as close to attack sources as possible, providing protection to subscribed customers and saving valuable network resources.

We address the problem of DDoS attacks and present the theoretical foundation, architecture, and algorithms of FireCol.

The core of FireCol is composed of intrusion prevention systems (IPSs) located at the Internet service providers (ISPs) level.

Page 10: Presentation1 shweta

The IPSs form virtual protection rings around the hosts to defend and collaborate by exchanging selected traffic information.

The evaluation of FireCol using extensive simulations and a real dataset is presented, showing FireCol's effectiveness and low overhead, as well as its support for incremental deployment in real networks.

Experiments showed good performance and robustness of FireCol and highlighted good practices for its configuration. Also, the analysis of FireCol demonstrated its light computational as well as communication overhead.
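A simplified model of the ring collaboration described above, added here as an illustration and not taken from the slides or from FireCol's own code: each IPS sees only its local rate toward a subscribed customer, and a locally suspicious IPS starts one pass around the ring to aggregate the rates. The IPS names, the rate-versus-baseline suspicion rule, both thresholds and the sample traffic are assumptions; the slides do not give FireCol's actual belief-score computation.

```python
from dataclasses import dataclass

CAPACITY_PPS = 10_000   # assumed capacity of the subscribed customer
SUSPICION_RATIO = 3.0   # assumed: >= 3x local baseline starts a ring pass

@dataclass
class IPS:
    name: str            # hypothetical IPS identifier
    baseline_pps: float  # usual rate toward the customer at this IPS
    observed_pps: float  # rate seen in the current detection window

    def local_alarm(self):
        """Verdict of a standalone device that only has its local view."""
        return self.observed_pps > CAPACITY_PPS

    def suspicious(self):
        """Cheap local score deciding whether to involve the ring."""
        return self.observed_pps >= SUSPICION_RATIO * self.baseline_pps

def ring_pass(ring, start):
    """Circulate one message from `start`; each IPS adds its observed rate."""
    return sum(ring[(start + hop) % len(ring)].observed_pps
               for hop in range(len(ring)))

def detect(ring):
    """Compare local-only verdicts with the ring's collaborative verdict."""
    initiators = [i for i, ips in enumerate(ring) if ips.suspicious()]
    aggregate = ring_pass(ring, initiators[0]) if initiators else 0
    return {
        "local_alarms": [ips.name for ips in ring if ips.local_alarm()],
        "initiator": ring[initiators[0]].name if initiators else None,
        "aggregate_pps": aggregate,
        "attack": aggregate > CAPACITY_PPS,
    }

# Constructed sample windows (packets/sec toward one customer, four-IPS ring).
FLOOD = [IPS("ips-a", 800, 3200), IPS("ips-b", 900, 2900),
         IPS("ips-c", 700, 2600), IPS("ips-d", 600, 2400)]
SPIKE = [IPS("ips-a", 800, 2600), IPS("ips-b", 900, 1000),
         IPS("ips-c", 700, 640), IPS("ips-d", 600, 700)]
NORMAL = [IPS("ips-a", 800, 850), IPS("ips-b", 900, 1000),
          IPS("ips-c", 700, 640), IPS("ips-d", 600, 700)]

if __name__ == "__main__":
    for label, ring in (("flood", FLOOD), ("spike", SPIKE), ("normal", NORMAL)):
        print(label, detect(ring))
```

In the flood window no single IPS sees more than the customer's capacity, yet the ring total does; in the spike window the ring total clears a burst that looked suspicious at one IPS.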

Page 11: Presentation1 shweta

DATA FLOW DIAGRAM

Page 12: Presentation1 shweta

MODULES OF PROPOSED SYSTEM

NETWORK SECURITY

DISTRIBUTED DENIAL-OF-SERVICE (DDOS)

FIRECOL ATTACK DETECTION

Page 13: Presentation1 shweta

FIRECOL ARCHITECTURE

Page 14: Presentation1 shweta

ADVANTAGES OF PROPOSED SYSTEM

Future work plans to extend FireCol to support different IPS rule structures.

The core of FireCol is composed of intrusion prevention systems (IPSs) located at the Internet service providers (ISPs) level.

Page 15: Presentation1 shweta

SYSTEM IMPLEMENTATION

Implementation is the stage of the project when the theoretical design is turned into a working system. Thus it can be considered the most critical stage in achieving a successful new system and in giving the user confidence that the new system will work and be effective.

The implementation stage involves careful planning, investigation of the existing system and its constraints on implementation, designing of methods to achieve changeover, and evaluation of changeover methods.

Implementation is the process of converting a new system design into operation. It is the phase that focuses on user training, site preparation and file conversion for installing a candidate system.

The important factor that should be considered here is that the conversion should not disrupt the functioning of the organization.

Page 16: Presentation1 shweta

HARDWARE REQUIREMENT

Processor : Any Processor above 500 MHz.

RAM : 128Mb.

Hard Disk : 10 Gb.

Compact Disk : 650 Mb.

Input device : Standard Keyboard and Mouse.

Output device : VGA and High Resolution Monitor.

Page 17: Presentation1 shweta

SOFTWARE REQUIREMENT

Platform : JDK 1.7

Program Language : JAVA

Tool : NetBeans, Eclipse

Operating System : Microsoft Windows XP

Page 18: Presentation1 shweta

CONCLUSION AND FUTURE WORKS

This paper proposed FireCol, a scalable solution for the early detection of flooding DDoS attacks. Belief scores are shared within a ring-based overlay network of IPSs. Detection is performed as close to attack sources as possible, providing protection to subscribed customers and saving valuable network resources.

Experiments showed good performance and robustness of FireCol and highlighted good practices for its configuration.

Page 19: Presentation1 shweta

PLEASE FEEL FREE TO ASK YOUR QUESTIONS

THANK YOU