A Tool to Mitigate Denial of Service Attacks on Wired Networks

Abstract

Presently, several institutions share information, resources, and files over computer networks. Network environments are susceptible to various security risks including computer viruses, Trojans, and malicious malware, making networks inefficient due to exhausted bandwidth and computing resources. Ultimately, compromised networks/servers are made unavailable to legitimate users. Such a security problem is called a Denial-of-Service (DoS) attack. It is imperative to mitigate DoS attacks immediately. This study presented a tool based on a packet filtering approach, used to mitigate flooding attacks. This was an experimental study conducted in an environment similar to the production environment of the project case study. The developed prototype consists of the mitigation and tracking modules. To evaluate the responsiveness of the proposed system, its performance was compared with an Uncomplicated Firewall (ufw) (Ubuntu default firewall), we experimented with the firewall and the proposed system independently but in similar environment. Results indicated that the prototype system ably mitigated the DoS flooding attacks (UDP and ICMP flooding attacks) and also responded fairly faster than Ubuntu standard firewall .