DEVELOPMENT OF AN INTERNET PROTOCOL TRACEBACK SCHEME FOR DENIAL OF SERVICE ATTACK SOURCE DETECTION
Chapter One: Introduction
1.1 Background on Network Attacks
Network attacks are considered cybercrimes. They include unauthorised practices such as using limited online assets without permission, stealing or gaining unauthorised access to a system, revealing private resources, or maliciously disabling, changing, or deleting a system’s network functions (ISO/IEC 2009).
Most day-to-day human activities now involve a computer network, since networks simplify those activities. Adequate security in computer networks is a rapidly growing area of concern, due to increased reliance on networks and the alarming rate at which new network attacks emerge.
Attacks on computer networks have major consequences for business and the economy because networks contain vast amounts of data, which are the primary focus of corporate leaders when making choices.
Furthermore, governments and security organisations, especially the military, rely on network data to make critical choices and prepare strategically. Because of the relative importance of computer networks in critical fields of human activity, attacks against them have immediate or indirect consequences for many individuals.
The Denial of Service (DoS) attack is a common network attack. DoS attacks are not used to steal, eavesdrop, breach privacy, or threaten data integrity on a system; instead, they are used to deny victims access to their own network, causing clients to lose transactions.
DoS attacks and their variants are the most devastating network challenges. According to the literature, they are among the most devastating attacks performed against a corporation or organisation.
In recognition of the significant harm that cybercrimes inflict on humanity, various governments around the world, including Nigeria, have implemented laws and policies to combat the scourge of cyber-attacks.
Examples include the US Stop Online Piracy and Protect IP Act (SOPA/PIPA) (Schmitz, 2013), the UK Data Protection Act (Data Protection Act, 1998), and the Nigerian Cybercrime Act (Cybercrime Act, 2015).
To address DoS attacks, it is necessary to identify the offenders and pursue legal action against them, both as a deterrent and to compensate the victim.
Legal action can succeed only when established, irrefutable facts are used to prove a criminal offence against a culprit. Network forensic professionals employ Internet Protocol (IP) traceback tools to collect network data that can be used to establish facts about an attack as well as identify the source of the attack.
Denial of service (DoS) attacks are a type of cybercrime that requires an IP traceback scheme specifically designed to account for their intricate characteristics and to distinguish them from normal network transactions that transmit large amounts of data, which may show symptoms similar to DoS (Bhandari et al., 2016).
A typical network traffic scenario known as a flash event (FE) is extremely similar to a Distributed DoS (DDoS) attack, a type of DoS. A flash event (or flash crowd (Bhandari et al., 2016)) occurs when some circumstance prompts a large number of network users to access a certain network resource on a server.
A real example of a flash event in which legitimate traffic swamped the server is the 1998 FIFA hosting website, which received more visitors than it could handle (Chawla et al., 2016).
Both flash events and DDoS attacks generate a large amount of traffic from various sources to a single server. A simple DoS attack is comparable to file download manager software that can split a download into several pieces and use multiple threads to download them concurrently.
Depending on the volume of traffic created by the download process, it may affect the server’s services in a way similar to a DoS attack. High packet flow traffic induced by a flash event can be distinguished from a DoS attack by examining certain traffic characteristics.