The exponential advancement in telecommunication embeds the Inter-net in every aspect of communication.Interconnections of networks all over the world impose monumental risks on the Internet.A Flooding Attack(FA)is one of the major intimidating risks on the Internet where legitimate users are prevented from accessing network services.Irrespective of the protective measures incorpo-rated in the communication infrastructure,FA still persists due to the lack of glo-bal cooperation.Most of the existing mitigation is set up either at the traffic starting point or at the traffic ending point.Providing mitigation at one or the other end may not be a complete solution.To insist on better protection againstflooding attacks,this work proposes a cooperative multilevel defense mechanism.The proposed cooperative multilevel defense mechanism consists of two-level of mitigation.In thefirst level,it is proposed to design a Threshold-based rate-limit-ing with a Spoofing Resistant Tag(TSRT),as a source end countermeasure for High-Rate Flooding Attacks(HRFA)and spoofing attacks.In the second level,the accent is to discriminate normal traffic after Distributed Denial of Service(DDoS)traffic and drop the DDoS traffic at the destination end.Flow Congru-ence-based Selective Pushback(FCSP),as a destination-initiated countermeasure for the Low Rate Flooding Attack(LRFA).The source and the destination coop-erate to identify and block the attack.A key advantage of this cooperative mechanism is that it can distinguish and channel down the attack traffic nearer to the starting point of the attack.The presentation of the agreeable cooperative multilevel safeguard mechanism is approved through broad recreation in NS-2.The investigation and the exploratory outcomes show that the proposed plan can effectively identify and shield from the attack.
展开▼
