Presently, several institutions share information, resources, and files over computer networks. Network environments
are susceptible to various security risks, including computer viruses, Trojans, and other malware, which make networks
inefficient by exhausting bandwidth and computing resources. Ultimately, compromised networks and servers become unavailable to
legitimate users. Such a security problem is called a Denial-of-Service (DoS) attack. It is imperative to mitigate DoS attacks
immediately. This study presents a tool based on a packet filtering approach for mitigating flooding attacks. It was an
experimental study conducted in an environment similar to the production environment of the project case study. The developed
prototype consists of mitigation and tracking modules. To evaluate the responsiveness of the proposed system, its
performance was compared with that of the Uncomplicated Firewall (ufw), the default Ubuntu firewall; we experimented with the
firewall and the proposed system independently but in similar environments. Results indicated that the prototype system ably
mitigated the DoS flooding attacks (UDP and ICMP flooding attacks) and also responded somewhat faster than the standard Ubuntu firewall.
George Kyambadde: received a BSc in Computer Science from
Makerere University in 2012. He received an MSc in
Computer Science from Makerere University in 2017. He is
currently working as a Lecturer at the School of Business
and Applied Technology, Clarke International University.
His current research interests include security and
machine learning.
John Ngubiri: is a Senior Lecturer at the Department of
Computer Science, College of Computing and Information
Science, Makerere University. He holds a PhD in Computer
Science from Radboud University Nijmegen. His research
interests are in performance evaluation, system
optimization, security, and parallel and distributed systems.
In this study, we designed and implemented a
prototype system capable of automatically executing
appropriate mitigation responses. The prototype has
an update_deamon module that allows for decision
making based on an earlier action taken on related
packets. This module allows for somewhat faster
responsiveness compared to the standard Ubuntu
firewall, as shown in the results section above;
ultimately, the prototype presents a more effective
solution to the problem of DoS flooding attacks,
specifically on wired networks.
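
A minimal sketch of the verdict-reuse idea described above, added here as an illustration; it is not the authors' prototype. The class name, threshold, window and block duration are assumptions, and the packet list is constructed sample data.

```python
from collections import defaultdict, deque


class FloodFilter:
    """Per-source rate check with a verdict cache (hypothetical design)."""

    def __init__(self, threshold=5, window=1.0, block_ttl=10.0):
        self.threshold = threshold    # packets allowed per window (assumed value)
        self.window = window          # sliding window length in seconds
        self.block_ttl = block_ttl    # how long an earlier DROP verdict is reused
        self.recent = defaultdict(deque)   # (src, proto) -> recent timestamps
        self.blocked_until = {}            # (src, proto) -> verdict expiry time
        self.cache_hits = 0

    def decide(self, src, proto, ts):
        key = (src, proto)
        # Fast path: reuse the earlier action taken on related packets.
        expiry = self.blocked_until.get(key)
        if expiry is not None:
            if ts < expiry:
                self.cache_hits += 1
                return "DROP"
            del self.blocked_until[key]    # verdict expired, re-evaluate
            self.recent[key].clear()
        # Slow path: sliding-window rate check for this source and protocol.
        q = self.recent[key]
        q.append(ts)
        while q and ts - q[0] > self.window:
            q.popleft()
        if len(q) > self.threshold:
            self.blocked_until[key] = ts + self.block_ttl
            return "DROP"
        return "ACCEPT"


def replay(packets, **kwargs):
    """Run (ts, src, proto) tuples through a fresh filter."""
    f = FloodFilter(**kwargs)
    verdicts = [f.decide(src, proto, ts) for ts, src, proto in packets]
    return verdicts, f.cache_hits


# Constructed sample: 192.0.2.10 floods UDP, 198.51.100.7 sends sparse ICMP.
SAMPLE = [(i / 100.0, "192.0.2.10", "udp") for i in range(20)]
SAMPLE += [(0.05, "198.51.100.7", "icmp"), (0.90, "198.51.100.7", "icmp")]
SAMPLE += [(11.0, "192.0.2.10", "udp")]   # arrives after the verdict expired
SAMPLE.sort()
```

Only the first over-threshold packet pays for the rate check; later packets from the same source and protocol are dropped from the cached verdict until it expires.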