Professional Documents
Culture Documents
Prevention of Severe Denial-Of-Service Threats Using Wraps: Mrs. R.Bharathi
Prevention of Severe Denial-Of-Service Threats Using Wraps: Mrs. R.Bharathi
THREATS USING
WRAPS
Guided by
Mrs. R.BHARATHI M.E.. (PhD),
Done by
N . Michael Franklin
ABSTRACT
critical application areas, the information transmission must be kept secret
and confidentiality should be ensured
Typically target sites or services such as banks, credit card payment gateways.
WRAPS will defend against attacks by granting privilege URL to legitimate clients,
thereby ensuring protection against such attacks
DO DBQuery
www.annauniv.edu.in
Requests
RequestsLook
LookLegitimate
Legitimate**Standard
Standardfilters
filtersdon’t
don’thelp
help
FACTORS MOTIVTED DDos Attack
Revenue Loss
Service Unavailability
Service Disruption
Communication Overhead
ATTACK MODEL
Assumed that adversaries can modify at most a small fraction of legitimate
packets destined for the target website
The attacker can launch a DDos attack by simply destroying these packets.
EXISTING SYSTEM
DoS attacks seek to render target systems inoperable and/or target networks
inaccessible.
"Traditional" DoS attacks, generate a large amount of traffic from a given host or
subnet and it is possible for a site to detect such an attack in progress and defend
themselves.
Distributed DoS attacks are designed as a coordinated attack from many sources
simultaneously against one or more targets.
1. Overlay-Based Approaches
2. Capability-Based Approaches
EXISTING SYSTEM
Drawbacks
W
E
A Queues Firewall b
S
E
R
V
E
r
DESIGN
Privilege URL
Sample url format : http://<host>:<port>/<urlpath>
Hides capability token inside the suffix of the destination IP field and the
whole destination port field.
Priority Field
Priority Field
Optional Filed
This project uses only one priority field for clarity of presentation
Message Authentication Code (MAC)
MAC prevents adversaries from forging a capability token
Ti = Capability Token
Protection Mechanism – Privileged Channel Establishment
DESIGN
Referral Protocol
Modules used
Attacker
Client
Edge Router
Firewall
Queue
Server
ADVANTAGES