International Journal of Reliable Information and Assurance
Volume 4 No. 1, 2016, pp 1-8
Hybrid Firecol to Support Different IPS Rules
In computer networks, denial of service (DoS) attacks have become a major threat. To give a better understanding of DoS attacks, this article provides an overview of existing DoS attacks and the major defense technologies in the Internet and in wireless networks. Packet flooding, which aims to shut down a particular web server, is the major problem. Here the attack takes the form of an increase in traffic that degrades the performance of the web server. Major firms like Microsoft have suffered an attack from a DDoS called MyDoom. Early discovery of these attacks, although challenging, is necessary to protect the network infrastructure resources of the victim server. Previous intrusion prevention systems such as FireCol are efficient in thwarting DDoS, but their architecture is based on ISP collaboration and virtual protection rings. We propose an expanded FireCol, a DDoS detection approach driven by IPS rules (Snort rules) that checks various parts of a data packet and not just the header. This enables the detection system to eliminate other forms of DoS attack, such as the Slow Read DoS attack. Its effectiveness and low overhead, as well as its support for incremental deployment in real networks, are demonstrated.