Analysis of Hybrid DDOS Defense Using ANYCAST to Mitigate DDOS Impact

Widagdo, Gede Barkah and Galinium, Maulahikmah and Lim, Charles (2016) Analysis of Hybrid DDOS Defense Using ANYCAST to Mitigate DDOS Impact. Masters thesis, Swiss German University.

Abstract

Distributed Denial of Service (DDoS) attacks are a huge threat to online business. The toughest challenge in defending against DDoS attacks arises when the attacker has many botnets distributed across the internet, giving them the capability to overwhelm a selected node. Specht and Lee (2004) classified DDoS attacks into two classes: bandwidth depletion and resource depletion. Bandwidth depletion attacks such as ICMP Flood and NTP Amplification, and resource depletion attacks such as SYN Flood and Slowloris, were among the most popular types of DDoS attack in 2014-2015. A high volume of IP datagrams, a huge number of packets and a huge number of connections can cause a denial of service on the victim side. With this kind of attack, defenses at the victim are useless because legitimate traffic is suppressed before it even reaches the victim. An effective solution must be “in” the network, where it can drop traffic before it does damage or reaches the victim. Some mitigation techniques have been proposed, but no one has proposed a DDoS defense that mitigates bandwidth depletion and resource depletion as a single package. Hybrid DDoS Defense is an attempt to fill this gap. The idea is to drop traffic before it gets to the victim. Hybrid DDoS Defense meets this criterion: it puts firewalls in multiple locations, one of which is the center of the services to be protected, and a firewall is used to sanitize the traffic so that the web server only receives legitimate requests. Hybrid DDoS Defense was tested with bandwidth depletion and resource depletion attacks. The result is that traffic is distributed to multiple nodes, which weakens the DDoS attack and lightens the load on the firewall that sanitizes the incoming traffic before sending legitimate traffic to the server (the target of the attack). A Hybrid DDoS Defense deployment is able to mitigate both classes of DDoS attack, bandwidth depletion and resource depletion, by up to 90%. In addition, we showed a comparison of DDoS defense in the victim deployment and the hybrid deployment.

Item Type: Thesis (Masters)
Uncontrolled Keywords: Denial of Services; Anycast; Bandwidth Depletion; Resource Depletion.
Subjects: T Technology > T Technology (General) > T58.5 Information technology
T Technology > T Technology (General) > T58.6 Management information systems
Divisions: Faculty of Engineering and Information Technology > Department of Information Technology
Depositing User: Atroridho Rizky
Date Deposited: 13 Jul 2020 14:36
Last Modified: 13 Jul 2020 14:36
URI: http://repository.sgu.ac.id/id/eprint/1139
