
CERTIFICATE

This is to certify that the Dissertation entitled “PREVENTING DENIAL OF SERVICE ATTACKS”, being submitted by Mr. N.V.KRISHNA RAO (Roll no. 08034D0501) in partial fulfillment of the requirement for the award of the degree of MASTER OF TECHNOLOGY in COMPUTER SCIENCE to the School of Information Technology, Jawaharlal Nehru Technological University, Hyderabad, is a record of bonafide work carried out by him under our guidance and supervision from August 2009 to July 2010.

The results presented in this dissertation have been verified and are found to be satisfactory. The results embodied in this dissertation have not been submitted to any other University for the award of any degree or diploma.

INTERNAL GUIDE
Dr S.DURGA BHAVANI, M.Tech, PhD
PROFESSOR
School of Information Technology,
Jawaharlal Nehru Technological University,
Hyderabad.

EXTERNAL GUIDE
Mr. S.V.S.HANUMANTHA RAO, M.Tech
ASSOC.PROFESSOR
Department of CSE,
Institute of Aeronautical Engineering,
Hyderabad.

DIRECTOR

Dr. L.V.A.R.Sarma
School of Information Technology,
Jawaharlal Nehru Technological University Hyderabad,
Kukatpally, Hyderabad.

Date:

CERTIFICATE
This is to certify that the Dissertation entitled “PREVENTING DENIAL OF SERVICE ATTACKS”, being submitted by Mr. N.V.KRISHNA RAO (Roll no. 08034D0501) in partial fulfillment of the requirement for the award of the degree of MASTER OF TECHNOLOGY in COMPUTER SCIENCE to the School of Information Technology, Jawaharlal Nehru Technological University, Hyderabad, is a record of bonafide work carried out by him under our guidance and supervision from August 2009 to July 2010.

The results presented in this dissertation have been verified and are found to be satisfactory. The results embodied in this dissertation have not been submitted to any other University for the award of any degree or diploma.

EXTERNAL GUIDE
Mr. SVS HANUMANTHA RAO, M.Tech.
Assoc. Professor, CSE DEPT.
Institute of Aeronautical Engineering,
Hyderabad.

PRINCIPAL
Dr. G.POSHAL

ACKNOWLEDGEMENT
I reckon to a distant pleasure to endorse our indebtedness and deep sense of gratitude to our beloved Director Dr. L.V.A.R.Sarma, for his encouragement in all endeavors.

I was greatly indebted to our project internal guide Dr S.DURGA BHAVANI, Professor, School of IT, JNTUH, for her patience and cheerful readiness to help in my project. I thank her for all the support, encouragement, and suggestions she has given during the course of the project which made us to see the silver line in every dark cloud.

I would like to express my profound thanks to my project external guide Mr. S.V.S.HANUMANTHA RAO, M.Tech, Associate Professor, CSE Department, IARE, Hyderabad for his valuable suggestions and guidance in making this project successful.

I was greatly indebted to my Project Co-ordinator Mr. G.PRAVEEN BABU, Associate Professor, SIT for his cooperation and encouragement in all endeavors, who boosted my morale all time.

I also extend my thanks to all the staff and faculty of School of IT, JNTUH for their cooperation during the course of the project work. My profound thanks for their help in providing the necessary facilities to do the project work.

Finally I would like to express our sincere thanks to each and everyone of my college, who have contributed their help and guidance for successful completion of this project.

Project Associate,
N.V.Krishna Rao,
Roll no: 08034D0501.

ABSTRACT

This project explores mechanisms for defending against Denial of Service (DoS) attacks, which have become one of the major threats to the operation of the Internet today. It proposes a scheme for detecting and preventing the most harmful and difficult-to-detect DoS attacks: those that use IP address spoofing to disguise the attack flow.

The scheme is based on a firewall that can distinguish the attack packets (containing spoofed source addresses) from the packets sent by legitimate users, and thus filters out most of the attack packets before they reach the victim. The scheme allows the firewall system to configure itself based on the normal traffic of a Web server, so that the occurrence of an attack can be quickly and precisely detected. The MDAF scheme employs a firewall at each of the perimeter routers of the network to be protected, and the firewall scans the marking field of all incoming packets to selectively filter out the attack packets.

With this marking scheme, when a packet arrives at its destination, its marking depends only on the path it has traversed. If the source IP address of a packet is spoofed, this packet must have a marking that is different from that of a genuine packet coming from the same address. The spoofed packets can thus be easily identified and dropped by the filter, while the legitimate packets containing the correct markings are accepted.

MDAF Scheme:

Marking Scheme:

The mark made by a router is a function of its IP address. To fit the 32-bit IP address A of a router into the ID field, the scheme employs a hash function h that converts A to a 16-bit value. The scheme adopts the CRC-16 hash function, which is easy to compute and has a low collision rate. Since attackers can easily learn the routers’ IP addresses, they can spoof the marking on a packet if they know the hash function used by each router.

To avoid such spoofing of the marking, each router R uses a 16-bit key K_R (which is a random number chosen by the router) when computing its marking. The marking for a router R is calculated as M_R = h(A) XOR K_R, where A is the IP address of the router. After receiving a packet, the router computes the marking M = M_R XOR M_old, if an old marking M_old exists in that packet, and replaces M_old with M.

Filtering Scheme:

1) If the (IP address, marking) pair matches one of the records in the Filter Table, the packet is received.

2) If the source IP address of the packet exists in the Filter Table, but the marking does not match, this packet is considered to be a spoofed packet and is dropped. TMC is incremented.

3) If the source IP address does not appear in the Filter Table, then this packet is accepted with a probability p. TMC is incremented.

4) If the TMC value exceeds the threshold, an attack is signaled.

5) All echo reply messages that are received as responses to the firewall’s requests are handled by the Check List verification process. They are not passed through the filter.
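
The marking and filtering rules above, as an added Python example that is not part of the dissertation. It assumes the CRC-16/ARC variant for h, a Filter Table holding one marking per source address, and constructed router addresses and keys; rule 5 (echo replies handled by the Check List process) is not modelled.

```python
import ipaddress
import random

def crc16(data: bytes) -> int:
    """CRC-16/ARC; the page says CRC-16 without naming a variant (assumption)."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def router_mark(router_ip: str, key: int) -> int:
    """M_R = h(A) XOR K_R, truncated to the 16-bit ID field."""
    return crc16(ipaddress.IPv4Address(router_ip).packed) ^ (key & 0xFFFF)

def path_marking(path) -> int:
    """Apply M = M_R XOR M_old at each (router_ip, key) hop, in order."""
    marking = None                      # no old marking before the first router
    for router_ip, key in path:
        m_r = router_mark(router_ip, key)
        marking = m_r if marking is None else m_r ^ marking
    return marking

class MarkingFilter:
    def __init__(self, table, p=0.5, threshold=3, rng=None):
        self.table = table              # source IP -> marking seen in normal traffic
        self.p, self.threshold = p, threshold
        self.rng = rng or random.Random()
        self.tmc = 0                    # the TMC counter from rules 2-4
        self.attack = False

    def check(self, src_ip: str, marking: int) -> str:
        if self.table.get(src_ip) == marking:
            return "accept"             # rule 1: (IP, marking) pair is known
        self.tmc += 1                   # rules 2 and 3 both increment TMC
        if self.tmc > self.threshold:
            self.attack = True          # rule 4: threshold exceeded
        if src_ip in self.table:
            return "drop"               # rule 2: known IP, wrong marking
        return "accept" if self.rng.random() < self.p else "drop"  # rule 3

# Constructed topology (documentation address ranges, made-up keys).
EDGE = ("203.0.113.9", 0x5E6F)
LEGIT_PATH = [("192.0.2.1", 0x1A2B), EDGE]
ATTACK_PATH = [("192.0.2.2", 0x3C4D), EDGE]
CLIENT = "198.51.100.7"
```

A packet that claims CLIENT as its source but enters through ATTACK_PATH carries a different marking from the one recorded for CLIENT, so rule 2 drops it even though both paths share the edge router.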

INDEX

CERTIFICATES
ACKNOWLEDGMENT
ABSTRACT
LIST OF FIGURES & TABLES

1. INTRODUCTION
2. LITERATURE SURVEY
2.1. IP Spoofing and DoS Attacks
2.2. Existing System
2.3. Proposed System
3. ANALYSIS AND DESIGN
3.1. System Analysis
3.1.1. Specifications
3.1.2. Feasibility Study
3.1.3. Software & Hardware Requirements
3.2. System Design
3.2.1. Modules Description
3.2.2. UML Diagrams
3.2.3. Tables
4. IMPLEMENTATION
4.1. Scheme Implementation
4.2. Software Profile
4.3. Code Specifications
5. TESTING
6. SCREENS
7. CONCLUSIONS
8. FUTURE ENHANCEMENTS
9. BIBLIOGRAPHY
10. APPENDICES

LIST OF FIGURES

Fig. No.          Figure Title

Fig.2.1           Basic Concept of IP Spoofing
Fig.2.2           IP Spoofing
Fig.2.3           Impersonation
Fig.2.4           Intruder
Fig.2.5           Flooding Attack
Fig.2.6           Reflection Attack
Fig.2.7           DoS Attack
Fig.2.8           2003 CSI/FBI computer crime and security survey
Fig.2.9           2004 CSI/FBI computer crime and security survey
Fig.2.10          2009 CSI/FBI computer crime and security survey
Fig.2.11          Existing System
Fig.2.12          Marking Scheme
Fig.2.13          System Structure
Fig.3.1           Marking Scheme
Fig.3.2           System Structure
Fig.3.3           Use Case Diagram
Fig.3.4           Class Diagram
Fig.3.5           Sequence Diagram
Fig.3.6           Collaboration Diagram
Fig.3.7           Activity Diagram
Fig.3.8           Component Diagram
Fig.3.9           Deployment Diagram
Fig.4.1           DoS Attack
Fig.4.2           Topology for packet flow in normal routing
Fig.4.3           Topology for routing change consideration
Fig.6.1 - 6.64    Screens

LIST OF TABLES

No.               Tables

Table.2.1         Comparison between PI and MDAF
Table.3.1         Login Table
Table.3.2         Mark Table
Table.3.3         Check Table
Table.3.4         SMC Table
Table.3.5         Data Structure of Message Packet
Table.3.6         Data Structure of Message Packet
Table.5.1         Test cases for Client Window
Table.5.2         Test cases for Attacker Window
