چکیده (انگلیسی):

DDoS attacks have become very popular since the turn of this
millennium and has stayed in the headlines due to ever increasing and
sometimes devastating attacks on popular web servers. In this study, we
deal with DDoS attacks by proposing a correlation based approach with a
sliding window model to detect and mitigate DDoS attack. The proposed
scheme identifies malicious traffic flow towards a target system based on
the volume of traffic flowing towards the victim machine and uses a
correlation based approach with a sliding window model to detect and
isolate malicious hosts. Rate limiting is applied individually on each
malicious flow based on the volume of malicious traffic generated by the
attacking hosts rather than a collective rate limiting on the total malicious
flow towards victim. The results observed in simulation shows that the
proposed approach detects the onset of the attacks very early and reacts to
the threat by rate limiting the malicious flow based on the volume of
attack traffic generated by each attacking hosts. The approach also adapts
quickly to any changes in the rate of flow. The proposed system can be
successfully implemented at critical points in the network as autonomous
defense systems to limit the volume of malicious packet flow towards the
target system.
Keywords: DDoS, Correlation, Sliding Window, Adaptive Rate Limiting