Abstract

Privacy Ensured Domain Name Query Scheme with Attack Detection Mechanism

M. Dhaarani, Mr. S. Sivaraj, ME

Distributed Denial of Service (DDoS) attacks are initiated by botnets. Botnets are managed by a central authority and are capable of initiating many DoS attacks. Scanning, DoS attacks, sniffers, information harvesting, and encryption are the main operations of a botnet. AgoBot, SDBot, SpyBot, and GTBot are the most commonly used bot families. A Denial-of-Service (DoS) attack is an attempt by an attacker to prevent legitimate users from using resources. A DoS attack prevents a victim (host, router, or entire network) from providing or receiving normal services. DDoS attacks are generated in a “many to one” dimension. In the DDoS attack model, a large number of compromised hosts are gathered to send useless service requests and packets at the same time. Botmaster instructions are distributed through hidden channels in a network. A C&C channel for a botnet needs to be reliable, redundant, non-centralized, and easily disguised as legitimate traffic. The Domain Name Service (DNS) provides a distributed infrastructure for storing, updating, and disseminating data. DNS is targeted as a stealthy botnet command-and-control channel. Malicious DNS activities are hidden at the network level. Exponentially Distributed Query and Piggybacking Query attacks are detected using Markov chain analysis and statistical analysis mechanisms. A probability-distribution-based analysis model is used to detect automatic domain flux attacks. The DNS tunneling technique is used for transmitting arbitrary data via the DNS protocol. Network-flow-based attacks are controlled with secured data communication through DNS between the nodes. Automated anomaly detection is adapted to the system. A naive Bayesian classification technique is integrated into the system. A small query analysis mechanism is integrated with the system.

Disclaimer: This abstract was translated using artificial intelligence tools and has not yet been reviewed or verified.