Shielding the Server from Furtive Distributed Denial of Service Attacks using Dominate and Release Policy

Abstract: With the increase in threats in cyber security it is predictable that any service providing systems could be easily victimized by intruders. All the incoming requests are served by the servers attached to the systems and thus attackers can target the servers and generate illegitimate requests with the possibility of malfunctioning. The faux requests are practically imperceptible as the traffic they engender is suspected to be in low-rate. We represent respective intensities for legitimate traffic and fake traffic. The initial result is under the assumption of static routing by the attackers, followed by time-varying attacks. We confront the case like Join-the-Shortest-Queue is not a solid policy to defend from the time-varying attacks as the throughput region providing intensities for both legitimate and fake traffics are compromised. This study will provide you a clear idea on how to balance the traffic and defend the network from Distributed DoS attacks which lugs the possibility to degrade the system by using dominate and release(DaR) policy. We shall discuss this method using .NET framework on how we can identify the manual and automatic incoming requests to the server and provide protection.

Keywords: Service provisioning system, Distributed Denial of Service, Dominate and Release (DaR) policy, DDoS attack, illegitimate traffic.