Scribd
Upload
37 views

Final Part I

This certificate document certifies that Mr. N.V. Krishna Rao submitted his dissertation titled "Preventing Denial of Service Attacks" in partial fulfillment of the requirements for a Master of Technology degree in Computer Science. The dissertation was carried out from August 2009 to July 2010 under the guidance of Dr. S. Durga Bhavani and Mr. S.V.S. Hanumantha Rao. The results from the dissertation were verified and found to be satisfactory, and the work has not been submitted elsewhere for another degree.

Uploaded by

venkatdv
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
37 views

Final Part I

This certificate document certifies that Mr. N.V. Krishna Rao submitted his dissertation titled "Preventing Denial of Service Attacks" in partial fulfillment of the requirements for a Master of Technology degree in Computer Science. The dissertation was carried out from August 2009 to July 2010 under the guidance of Dr. S. Durga Bhavani and Mr. S.V.S. Hanumantha Rao. The results from the dissertation were verified and found to be satisfactory, and the work has not been submitted elsewhere for another degree.

Uploaded by

venkatdv
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 9

i

CERTIFICATE

This is to certify that the Dissertation entitled “PREVENTING DENIAL OF SERVICE

ATTACKS” is being submitted by Mr. N.V.KRISHNA RAO (Roll no. 08034D0501) in

partial fulfillment of the requirement for the award of the degree of MASTER OF

TECHNOLOGY in COMPUTER SCIENCE, to the School of Information Technology,

Jawaharlal Nehru Technological University, Hyderabad is a record of bonafide work

carried out by him under our guidance and supervision from August 2009 to July 2010.

The results present in this dissertation have been verified and are found to be satisfactory.

The results embodied in this dissertation have not been submitted to any other University for

the award of any degree or diploma.

INTERNAL GUIDE EXTERNAL GUIDE

Dr S.DURGA BHAVANI, M.Tech, PhD Mr. S.V.S.HANUMANTHA RAO, M.Tech


PROFESSOR ASSOC.PROFESSOR
School of Information Technology, Department of CSE,
Jawaharlal Nehru Technological University, Institute of Aeronautical Engineering,
Hyderabad. Hyderabad.

DIRECTOR

Dr. L.V.A.R.Sarma
School of Information Technology,
Jawaharlal Nehru Technological University Hyderabad,
Kukatpally, Hyderabad.
ii

Date:

CERTIFICATE
This is to certify that the Dissertation entitled “PREVENTING DENIAL OF

SERVICE ATTACKS” is being submitted by Mr. N.V.KRISHNA RAO (Roll no.

08034D0501) in partial fulfillment of the requirement for the award of the degree of

MASTER OF TECHNOLOGY in COMPUTER SCIENCE, to the School of Information

Technology, Jawaharlal Nehru Technological University, Hyderabad is a record of

bonafide work carried out by him under our guidance and supervision from August 2009 to

July 2010.

The results present in this dissertation have been verified and are found to be

satisfactory. The results embodied in this dissertation have not been submitted to any

other University for the award of any degree or diploma.

Mr.SVS HANUMANTHA RAO,M.Tech. Dr. G.POSHAL,


Assoc. Professor,CSE DEPT. PRINCIPAL
Institute of Aeronautical Engineering,
Hyderabad.
EXTERNAL GUIDE
iii

ACKNOWLEDGEMENT
I reckon to a distant pleasure to endorse out indebtedness and deep sense of gratitude

to our beloved Director Dr.L.V.A.R.Sarma, for his encouragement in all endeavors.

I was greatly indebted to our project internal guide Dr S.DURGA BHAVANI,

Professor, School of IT, JNTUH, for her patience and cheerful readiness to help in my

project. I thank her for all the support, encouragement, and suggestions she has given during

the course of the project which made us to see the silver line in every dark cloud.

I would like to express my profound thanks to my project external guide

Mr.S.V.S.HANUMANTHA RAO, M.Tech, Associate Professor, CSE Department, IARE,

Hyderabad for his valuable suggestions and guidance in making this project successful.

I was greatly indebted to my Project Co-ordinator Mr.G.PRAVEEN BABU,

Associate Professor,SIT for his cooperation and encouragement in all endeavors, who boosted

my morale all time.

I also extend my thanks to all the staff and faculty of School of IT, JNTUH for their

cooperation during the course of the project work. My profound thanks for their help in

providing the necessary facilities to do the project work.

Finally I would like to express our sincere thanks to each and everyone of my college,

who have contributed their help and guidance for successful completion of this project.

Project Associate,
N.V.Krishna Rao,
Roll no: 08034D0501.
iv

ABSTRACT

This Project explores mechanisms for defending against Denial of Service (DoS)

attacks, have become one of the major threats to the operation of the Internet today. It

proposes a scheme for detecting and preventing the most harmful and difficult to detect DoS

Attacks those that use IP address spoofing to disguise the attack flow.

The scheme is based on a firewall that can distinguish the attack packets (containing

spoofed source addresses) from the packets sent by legitimate users, and thus filters out most

of the attack packets before they reach the victim. The scheme allows the firewall system to

configure itself based on the normal traffic of a Web server, so that the occurrence of an

attack can be quickly and precisely detected. The MDAF scheme employs a firewall at each

of the perimeter routers of the network to be protected and the firewall scans the marking

field of all incoming packets to selectively filter-out the attack packets.

On employing this marking scheme, when a packet arrives at its destination, its

marking depends only on the path it has traversed. If the source IP address of a packet is

spoofed, this packet must have a marking that is different from that of a genuine packet

coming from the same address. The spoofed packets can thus be easily identified and dropped

by the filter, while the legitimate packets containing the correct markings are accepted.

MDAF Scheme:

Marking Scheme:

The mark made by a router would be a function of its IP address. To fit the 32-bit IP

address A of a router into the ID field, scheme employ a hash function h that converts A to a

16-bit value. This scheme adopt the CRC-16 hash function which is easy to compute and has
v

low collision rate. Since attackers can easily know the routers’ IP addresses, they can spoof

the marking on a packet if they know the hash function used by each router.

To avoid such spoofing of the marking, each router R uses a 16-bit key KR (which

is a random number chosen by the router) when computing its marking. The marking for a

router R is calculated as MR = h(A) XOR KR, where A is the IP address of the router. After

receiving a packet the router computes the marking M = MR XOR Mold, if an old marking

Mold exists in that packet, and replaces Mold with M.

Filtering Scheme:

1) If the (IP-address, Marking) pair is same with one of the records in the Filter Table, the

packet is received.

2) If the source IP address of the packet exists in the Filter Table, but the marking does not

match, this packet is considered to be a spoofed packet and is dropped. TMC is incremented.

3) If the source IP address does not appear in the Filter Table, then this packet is accepted

with a probability p. TMC is incremented.

4) If the TMC value exceeds the threshold, an attack is signaled.

5) All echo reply messages that are received as responses to the firewall’s requests are

handled by the Check List verification process. They are not passed through the filter.
vi

INDEX

CERTIFICATES i

ACKNOWLEDGMENT iii

ABSTRACT iv

LIST OF FIGURES & TABLES viii

1. INTRODUCTION 1

2. LITERATURE SURVEY 3

2.1. IPSpoofing and DoS Attacks 3

2.2. Existing System 12

2.3. Proposed System 16

3. ANALYSIS AND DESIGN 19

3.1. System Analysis

3.1.1. Specifications 19

3.1.2. Feasibility Study 25

3.1.3. Software & Hardware Requirements 27

3.2. System Design

3.2.1. Modules Description 28

3.2.2. UML Diagrams 29

3.2.3. Tables 35
vii

4. IMPLEMENATATION 38

4.1. Scheme Implementation 38

4.2. Software Profile 42

4.3. Code Specifications 45

5. TESTING 53

6. SCREENS 56

7. CONCLUSIONS 89

8. FUTURE ENHANCEMENTS 90

9. BIBLIOGRAPHY 91

10. APPENDICES 92
viii

LIST OF FIGURES

Fig. No. Figure Title Page No.


Fig.2.1 Basic Concept of IPSpoofing 4
Fig.2.2 IPSpoofing 4
Fig.2.3 Impersonation 5
Fig.2.4 Intruder 6
Fig.2.5 Flooding Attack 6
Fig.2.6 Reflection Attack 7
Fig.2.7 DoS Attack 8
Fig.2.8 2003 CSI/FBI computer crime and security survey 10
Fig.2.9 2004 CSI/FBI computer crime and security survey 11
Fig.2.10 2009 CSI/FBI computer crime and security survey 11
Fig.2.11 Existing System 12
Fig.2.12 Marking Scheme 17
Fig.2.13 System Structure 17
Fig.3.1 Marking Scheme 20
Fig.3.2 System Structure 23
Fig.3.3 Use Case Diagram 29
Fig.3.4 Class Diagram 30
Fig.3.5 Sequence Diagram 31
Fig.3.6 Collaboration Diagram 32
Fig.3.7 Activity Diagram 33
Fig.3.8 Component Diagram 34
Fig.3.9 Deployment diagram 34
Fig.4.1 DoS Attack 38
Fig.4.2 Topology for packet flow in normal routing 39
Fig.4.3 Topology for routing change consideration 39
Fig.6.1 - 6.64 Screens 57 - 88

LIST OF TABLES

No. Tables Page No.


Table.2.1 Comparison between PI and MDAF 18
Table.3.1 Login Table 35
Table.3.2 Mark Table 35
Table.3.3 Check Table 36
Table.3.4 SMC Table 36
Table.3.5 Data Structure of Message Packet 37
ix

Table.3.6 Data Structure of Message Packet 37


Table.5.1 Test cases for Client Window 54
Table.5.2 Test cases for Attacker Window 55

You might also like