• Login
    View Item 
    •   FUTOSpace Home
    • Thesis and Dissertations
    • Doctoral
    • School of Management Technology (SMAT)
    • Department of Information Management Technology (IMT)
    • View Item
    •   FUTOSpace Home
    • Thesis and Dissertations
    • Doctoral
    • School of Management Technology (SMAT)
    • Department of Information Management Technology (IMT)
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    A Game Theory Model for Detection and Mitigation of Ddos Attacks on Web Servers

    Thumbnail
    View/Open
    Amadi_A game_2018.pdf (4.664Mb)
    Date
    2018-07
    Author
    Amadi, E. C.
    Metadata
    Show full item record
    Abstract
    Distributed Denial of Service (DDoS) attacks are very common in the world of internet today. Attackers are now quicker in launching such attacks because they have sophisticated and automated DDoS attack tools which require minimal human effort. The attack aims to deny or degrade normal services for legitimate users by sending huge network traffic so as to the victim to exhaust services, connection capacity or the bandwidth. In this work, game theory concept was used to develop a mitigation mechanism against DDoS attacks on web servers. The mitigation approach presented in this work was achived using six steps which include: developing the game solution approach using game theory and linear programming, writing the PHPSIM script, developing a two-way mitigation approach using a python script and IPtable rules. A game matrix generated using network parameters was solved using a simplex solver known as PHPSIM and the output used to set the python script and IPtable rules. The mitigation script was then tested extensively on a live test bed. The mitigation technique developed in this work is known as the Anti-DDoS firewall. A zero sum game model that represents an attacker(s) and a defender (firewall) strategies was developed using linear programming operation research technique. A game matrix was simulated for connection between 10 and 50. The game model was simulated using a Hypertext Pre-processor (PHP) simplex script known as PHPSIM which was developed using the simplex algorithm. The best strategy the firewall can adopt to defend against DDoS attack was then determined from the output of the PHPSIM simulation. A positive game value was gotten which shows that the game favours the firewall. The strategies X1, X2, X3, X4, and X5 corresponding to the firewall settings at 10, 20, 30, 40 and 50 connections respectively for a sending rate of 3/s were obtained. The strategy X5 with the highest value of 0.6 from the game matrix solution is the best strategy for the firewall. This value corresponds to a maximum connection value of 50 while maintaining the sending rate at 3/s. The output of the game solution was used to control a mitigation script/firewall mechanism that is used to reduce the effect of DDoS attack on port 80/443 of a web server system. The Anti-DDoS mitigation technique was developed using Python and IPtabel rules. The mitigation approach was tested extensively on a live test bed comprising of kali Linux machines. It was observed that the mitigation approach was able to drop considerable amount of rouge packets while limiting the number of connections to 50 for all connections thereby allowing legitimate users access to the server. Setting maximum number of connection at other strategies shows a clear drop in the number of packets allowed into the network which implies lower payoff. The result shows that the Anti-DDoS firewall mitigation mechanism, DDoS attacks can be efficiently mitigated. The mitigation mechanism should be implemented on the company’s edge router or directly on the server to be protected.
    URI
    http://futospace.futo.edu.ng/xmlui/handle/123456789/3214
    Collections
    • Department of Information Management Technology (IMT) [1]

    DSpace software copyright © 2002-2016  DuraSpace
    Contact Us | Send Feedback
    Theme by 
    Atmire NV
     

     

    Browse

    All of FutospaceCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    My Account

    LoginRegister

    DSpace software copyright © 2002-2016  DuraSpace
    Contact Us | Send Feedback
    Theme by 
    Atmire NV