A tool to mitigate denial of service attacks on LAN
Abstract
Today, schools, government agencies, corporations, and even home computer users conduct most of their business on a computer network by sharing information, resources, and files. This networking can be accomplished on a closed network or in most cases from one network or host to another via the Internet. However, a network environment makes the whole infrastructure susceptible to a myriad of dangerous possibilities: computer viruses, Trojans, and malicious malware. This consequently makes the network and servers not work efficiently because of the exhausted bandwidth and perhaps computing resources. Therefore, the information systems which depend on the network and servers do not continue with services. And as result, the services of the compromised network/ server are made unavailable to legitimate users. Such a security problem is called a Denial-of-Service (DoS) attack. For this reason, it is imperative to immediately mitigate DoS attacks where possible in an event that they happen. This study presented a tool based on a packet filtering approach, used to mitigate flooding attacks. Packet filtering has been done based on legitimate signatures of the incoming packets.
The study was experimental and was conducted in an environment which was as similar as possible to the production environment of the project case study. The developed prototype consists of two modules, namely; tracking module and mitigation which keeps track of the System’s state and filters against malicious IP addresses respectively.
To evaluate the impact of the proposed system versus a standard Firewall, we experimented with the firewall and the proposed system independently but in similar environment. Our results indicated that the prototype system was able mitigate DoS flooding attacks. The results also showed that the prototype system responded fairly faster compared to the standard firewall.