Distributed denial of service detection using stepping stone detection method in internet control message protocol attack

Bibliographic Details
Main Author: Nor Izham, Subri
Format: Thesis
Language: eng
Published: 2017
Online Access: https://etd.uum.edu.my/9098/1/s816991_01.pdf
https://etd.uum.edu.my/9098/2/s816991_02.pdf
https://etd.uum.edu.my/9098/3/s816991_references.docx
Description
Summary: Distributed Denial of Service (DDoS) is an imminent attack that can threaten cyber security even though the attack is simple. The goal of a DDoS attack is to disrupt the services provided by a server by forcing the server to a halt. The attack is conducted by overwhelming the victim with a large number of hosts that send requests the server must process. DDoS attacks that use ICMP as a medium prove to be a challenge for cyber security prevention systems and applications, because ICMP-based DDoS attacks have characteristics such as not containing malicious content. ICMP-based DDoS attacks are therefore hard for cyber security prevention systems and applications to detect. The goal of this research is to detect DDoS attacks using the Stepping Stone Detection (SSD) method. The objective of this research is to develop a different approach to detecting DDoS attacks. The research involves six stages: analysis, instrument, design, experiment, data collection, and evaluation. The experiment uses a testbed in which actual hardware is used in a controlled environment, so that the data obtained is not polluted by other elements. Lastly, the False Positive Rate (FPR) is compared so that the efficiency of the SSD-based method in detecting DDoS can be identified. The research shows that the SSD-based method obtained a low FPR of 0.206%, whereas Snort obtained 63.04%. This shows that the SSD-based method is more efficient than Snort at detecting ICMP-based DDoS attacks in terms of FPR. In conclusion, this research shows that SSD is capable of detecting ICMP-based DDoS attacks and achieves the objectives of this research.