DDoS Mitigation

There are a number of steps that can be taken both to limit the consequences of being the target of a DoS attack and to limit the chance of your systems being compromised and then used to launch DoS attacks. It is important to recognize that these attacks cannot be prevented entirely. In particular, if an attacker can direct a large enough volume of legitimate traffic to your system, then there is a high chance this will overwhelm your system’s network connection, and thus limit legitimate traffic requests from other users. Indeed, this sometimes occurs by accident as a result of high publicity about a specific site.

In general, there are four ways to prevent DDoS attacks.

Attack preemption and prevention (Before the Attack)

These mechanisms enable a victim to defend against DDoS attack attempts without denying service to legitimate clients. Techniques include policy making for resource consumption and providing backup resources. Prevention mechanisms also modify systems and protocols on the Internet to reduce the possibility of DDoS attacks.

Attack detection and filtering (During the Attack)

These mechanisms need to detect an attack and begin an immediate response, which minimizes the impact of the attack on the system. Suspicious patterns or behavior help to detect an attack. The response to these types of attack consists of filtering out the attack packets.

Attack source trace back and identification (During and After the Attack)

The attempt is to identify the source of the attack in order to prevent future attacks. However, this method is not well suited to producing fast results.

Attack Reaction (After the Attack)

This mechanism helps to eliminate the effects of the attack. It establishes how much damage has been done and where the loopholes in the system are. Assessment techniques are included in this mechanism. It helps to modify the security policy of the system and brings to light any technical replacements that are needed.


To get a deeper picture of defenses against DDoS attacks, we can classify the mechanisms used against DDoS attacks and build a taxonomy of defenses.


Classification by Activity Level: 

With respect to Activity Level, defense mechanisms can be classified as Preventive or Reactive. The Preventive technique is further classified into Attack Prevention and DoS Prevention. Attack Prevention requires enhancing System Security and Protocol Security so that there are minimal loopholes in systems and protocols to be exploited. DoS Prevention uses Resource Accounting and Resource Multiplication to prevent DoS attacks on specific resources.
The Reactive approach is more commonly deployed and uses techniques such as an Attack Detection Strategy and an Attack Response Strategy. In the Attack Detection Strategy we mainly focus on the patterns and behavior of the attack, comparing what we observe against a Standard (by checking half-open TCP connections) and against Trained behavior (expected system behavior) to check the characteristics of the attack. We can also use third-party services, such as the Trace back technique, to keep sensitive resources safe from DDoS attacks.
The Attack Response Strategy is the other technique in the Reactive approach. In this technique we can act on the attack through Agent Identification, Rate Limiting and Filtering techniques.
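
The following Python example is added here and is not from the original post. It applies the Attack Detection Strategy to one constructed window of TCP events, counting half-open connections against a fixed standard and a trained baseline, then chooses Filtering or Rate Limiting as the response. The thresholds, the event format and the addresses are assumptions, and connection timeouts are not modeled.

```python
from collections import Counter
from statistics import mean, pstdev

BASELINE = [3, 5, 4, 6, 2, 5, 4, 3]  # constructed: half-open counts per window in normal operation
STANDARD_LIMIT = 50    # assumed fixed rule: half-open connections allowed per window
PER_SOURCE_LIMIT = 10  # assumed cap before a single source is filtered
K_SIGMA = 3            # assumed tolerance above the trained mean

def half_open(events):
    """Count half-open connections per source IP.

    events: (src_ip, src_port, flag) tuples as seen by the server; "SYN" opens
    a handshake and "ACK" from the same ip/port completes it.
    """
    pending = set()
    for src, sport, flag in events:
        if flag == "SYN":
            pending.add((src, sport))
        elif flag == "ACK":
            pending.discard((src, sport))
    return Counter(src for src, _ in pending)

def assess(events, baseline=BASELINE):
    """Detection (standard and trained behavior) followed by a response choice."""
    per_src = half_open(events)
    total = sum(per_src.values())
    trained_limit = mean(baseline) + K_SIGMA * pstdev(baseline)
    # Filtering: drop sources that alone hold too many half-open connections.
    to_filter = sorted(s for s, n in per_src.items() if n > PER_SOURCE_LIMIT)
    residual = total - sum(per_src[s] for s in to_filter)
    return {
        "total_half_open": total,
        "standard_alarm": total > STANDARD_LIMIT,
        "trained_alarm": total > trained_limit,
        "filter": to_filter,
        # Rate limiting: the remainder is spread over many sources, so cap SYNs overall.
        "rate_limit_syn": residual > trained_limit,
    }

def sample_window(attack):
    """Constructed traffic for one window (documentation-range addresses)."""
    ev = []
    for i in range(20):  # legitimate clients that finish the handshake
        ev += [(f"192.0.2.{i}", 40000 + i, "SYN"), (f"192.0.2.{i}", 40000 + i, "ACK")]
    ev += [(f"192.0.2.{100 + i}", 41000, "SYN") for i in range(3)]  # slow clients
    if attack:
        ev += [("198.51.100.7", 1024 + p, "SYN") for p in range(40)]  # one heavy source
        ev += [(f"203.0.113.{i}", 5000, "SYN") for i in range(30)]    # many light sources
    return ev

if __name__ == "__main__":
    for label, attack in (("normal", False), ("attack", True)):
        print(label, assess(sample_window(attack)))
```

The trained baseline raises an alarm well below the fixed standard, which is why the two comparisons are kept separate in the result.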


Classification by Co-operation Degree:

The Autonomous technique is used at the point of deployment, where each resource is capable of its own defense. However, this technique is used on small networks; on a large network it is difficult to manage for all the resources in the network.
The Co-operative technique performs better in joint operation, in which defense techniques deployed on different networks help to prevent and detect DDoS attacks. The Trace Back technique belongs to this type of defense.
The Interdependent technique cannot operate autonomously and depends on techniques deployed at different networks.

Classification by Deployment Location:

Defense mechanisms can be deployed on the Victim Network, which is the more commonly used technique for defending a network against DDoS attacks. In Intermediate Network Deployment, an ISP can provide services for the mitigation of DDoS attacks. In this case the ISP should have the capacity to defend against DDoS attacks and should co-operate with the end user. Source Network Deployment puts the defensive technique at the source of the DDoS attack, but it is not a very well appreciated defensive technique to deploy. A Pushback strategy may help in this type of technique, but it is not very effective for immediate action against DDoS.



















