Defense and monitoring model for distributed denial of service attacks

Usman Tariq, Yasir Malik, Bessam Abdulrazak

Research output: Contribution to journal, Conference article, peer-review

1 Scopus citations

Abstract

Due to the emergence of wireless networks and the immense use of handheld devices, wireless networks encounter a great threat of denial of service attack. Traditionally, IP-based filtering has been used to combat these attacks; however, studies show that thousands of distributed zombies working in cooperation generate huge network traffic that results in distributed denial of service (DDoS) attacks and illegitimate access to resources and services. In this paper, first we studied attacks and mitigation scenarios to analyze network-wide DDoS security anomalies. This will help us to drive supplementary active measurements to characterize the strength and characteristics of attacks, to improve correlation of our log data with other publicly available network traffic analysis data. Secondly, we presented a monitoring scheme to simulate a variety of attacks on different mobile operating systems. This will identify the potential threat of different DDoS attacks for such platforms and traffic scanning activity to avoid detection of attacks such as the Ping to Death DDoS attack. Third, we followed proceedings on an enduring basis to extort trends in the attack frequency, make-up, and production of extensive DDoS attacks. This longitudinal analysis was necessary for understanding the progression of the threats and vulnerabilities. In conclusion, while analyzing our early results concerning large-scale DDoS attacks, we used a hybrid approach to diminish and prevent the attack. Network Simulator 2 (NS-2) is used to imitate the real environment and to create attack traffic with different attack strengths. The simulation results are encouraging, as we were able to establish and approximate the strength of DDoS attacks efficiently.

Original language: English
Pages (from-to): 1052-1056
Number of pages: 5
Journal: Procedia Computer Science
Volume: 10
State: Published - 2012
Externally published: Yes
Event: 3rd International Conference on Ambient Systems, Networks and Technologies, ANT 2012 and 9th International Conference on Mobile Web Information Systems, MobiWIS 2012 - Niagara Falls, ON, Canada
Duration: 27 Aug 2012 - 29 Aug 2012

Keywords

  • Anomaly detection
  • Attack characterization
  • Information entropy
  • IP spoofing
  • Site security monitoring
