Page Length: 49

Size: 69 KB

Format: PDF & Word

5,000.00

ABSTRACT

 

As the Internet is growing so is the vulnerability of the network. Denial ofService attacks (DDoS) are one of such kind of attacks. In this paper, one of the more popular DDoS attack is the TCP-SYN Flood attack. The SYN flooding attacks are launched by exploiting the TCP’s three-way handshake mechanism and its limitation in maintaining its half-opened connections on internet protocols IPv4 and IPv6.

This study is aimed in the detection of DDOS attack with neuro-fuzzy algorithm combination of fuzzy logic and neural network (ANFIS). To simulate this project research MATLAB 2012a software which is a programming language and environment for scientific computing. The result of comparison showed that the ANFIS model to the ANFIS has more accuracy in detecting DDoS in Internet Protocol (IPv4 and IPv6).

TABLE OF CONTENT

 

CONTENT                                                                                                                PAGES

Cover Page                                                                                                                              i

Title Page                                                                                                                                ii

Certification                                                                                                                            iii

https://rufortouthee.com/4/7692130

Declaration of Originality                                                                                                       iv

Dedication                                                                                                                              v

Acknowledgments                                                                                                                  vi

Abstract                                                                                                                                  vii

Table of Contents                                                                                                                   viii

List of Figures                                                                                     x

 

CHAPTER ONE                                                                                                                 

INTRODUCTION

1.0       Project Synopsis                                                                                                          1

1.1       Background to the Study                                                                   1

1.2       Statement of the Problem                                                                                           3

1.3       Motivation                                                                                                                  4

1.4       Aim and Objectives                                                                                                    5

1.5       Contribution to knowledge                                                                                         5

1.6       Project Arrangement                                                                                                   5

 

CHAPTER TWO                                                                                                                

LITERATURE REVIEW

2.0       Introduction                                                                                                                7

2.1       Historical background of IPv4 and IPv6                                                                    11

2.1.1    Ipv6 Improvement Over Ipv4                                                                         12

2.1.2    Denial of Service in Ipv6 Network                                                                 13

2.1.3    Internet Protocol (Ipv4 And Ipv6) Address Security                                    13

 

2.2       Existing methods for DDoS Attack Detection                                                          14

2.2.1    Algorithms and Techniques for Detecting DoS / DDoS Attacks on              16

Network Servers and Internet Protocols

2.3       Review of Adaptive Neuro Fuzzy Inference Scheme (ANFIS)                                22

 

CHAPTER THREE                                                                                                            

PROJECT METHODOLOGY

3.0       Introduction                                                                                                               25

3.1       Methodology                                                                                                             25

3.2       Requirement specification                                                                                         25

3.2.1    Functional Requirements                                                                                26

3.2.2    Non-Functional Requirements                                                                        26

3.2.3    Software Requirements                                                                                  27

3.2.4    Hardware Requirements                                                                                 27

3.3       System Analysis                                                                                                         28

3.3.1    Overview of Various DDoS Attack                                                               28

3.3.2    ANFIS (FIS) Structure and Parameter Adjustment                                       29

3.3.3    A Normal and Attack Scenario                                                                      30

3.3.4    Protocol to trace back the source of DDoS attacks                                        34

usingNeuro-Fuzzy Algorithm.

3.4       Method of Data Collection                                                                                         35

3.4.1    Preprocessing of Datasets                                                                               35

3.5       Design                                                                                                                         36

3.5.1    Evaluation Metric                                                                                           36

3.5.2    Design of Proposed Architecture                                                                   37

CHAPTER FOUR                                                                                                               

IMPLEMENTATION, RESULTS AND DISCUSSION

4.0       Introduction                                                                                                                41

4.1       Network Simulation                                                                                                    41

4.2       Testing                                                                                                                        42

4.2.1    Training Data                                                                                                  43

4.3       Project schedule                                                                                                          46

4.4       Quality management                                                                                                   47

 

CHAPTER FIVE                                                                                                                

CONCLUSION

5.0       Conclusion                                                                                                                  48

5.1       Contribution to knowledge                                                                                         48

5.2       Limitations                                                                                                                  49

5.3       Recommendation and future works                                                                           49

5.4       Critical Appraisal                                                                                                        49

 

REFERENCES                                                                                  50

APPENDIX                                                                                        53

 

 

 

 

 

 

 

 

 

LIST OF FIGURES

 

                                                                                                                                           PAGES

Figure 3.1:       DDoS Attack Overview.                                                                                29

Figure 3.2:       ANFIS Model Structure.                                                                                30

Figure 3.3:       A Normal Scenario and A (SYN Flood Attack) Scenario.                            32

Figure 3.4:       A TYPICAL SYN-Flood Attack.                                                                  33

Figure 3.5:       Basic Flow of Designing Artificial Neural Network Model                          38

Figure 3.6:       The Activity Flow Diagram of proposed method.                                         40

Figure 3.7:       DDoS Detection Flowchart.                                                                           41

Figure 3.8:       Proposed Architecture for Network Traffic Analyzer                                    42

Figure 4.1:       Comparison of Training Data and ANFIS data                                             46

Figure 4.2:       ANFIS Training Data Error at each training epoch.                                       47

Figure 4.3:       Root Mean Squared Checking Data Errors at each training epoch.               48

Figure 4.4:       Detection (Snapshot of the Interface)                                                                        49

 

           

 

 

 

 

 

 

CHAPTER ONE

INTRODUCTION

This chapter focuses on the introductory aspect of the project, it consists of the background of the research project, statement of the problem, project aim and objectives and observation. It also gives an overview of the project report structure.

1.1       BACKGROUND OF THE STUDY

A Denial-of-Service (DoS) attack is a network attack from a single machine that attempts to prevent the victim, the targeted machine, from communicating to other devices on the network or perform its normal tasks (DiMarco, 2012). The extension of these attacks to include many malicious machines became known as Distributed Denial-of-Service (DDoS) attacks. DDoS attacks causes an immense amount of strain on both the victim and the devices used to reach the victim (DiMarco, 2012).

According toManickam, (2014), the first well documented DoS attacks occurred in 1974. These attacks were developed by hackers to disrupt communication between a client and a server. They would be targeted against a victim machine, but can lead to other machines being affected. Depending on the attack, the victim could fail to provide a single service or fail to provide any network connectivity at all.

One of the major challenges in the fast networks security management is that the detection of suspicious anomalies in network traffic patterns is often difficult and the machine will become vulnerable to attacks with time (Redhwan, 2014). A DDoS attack only differs with DoS from the method, a DoS is made from a system or network while a DDoS attack is organized to happen simultaneously from a large number of systems or networks.

A hacker begins a DDoS attack by exploiting vulnerability in a computer system and making it the DDoS “master”. From the master system, the intruder identifies and communicates with other systems that can be compromised also. The intruder loads DDoS attack tools on those compromised systems. The intruder can instruct the controlled machines to launch one of many flood attacks against a specified target. The inundation of packets to the target causes a denial of service (Cai and Hembroff, 2006). Some DDoS attacks utilize internet worms to automate the process of exploiting and compromising computer systems, as well as launching DDoS attacks.

Attackers use spoofed source addresses to hide their identity and location in DDoS attacks. Some service providers do perform ingress filtering to check for valid source IP addresses coming into access routers, but this is not completely effective. The trace back mechanisms trace the true source of the attackers to stop the attack at the point nearest to its source to reduce waste of network resources and to find the attacker’s identities (Meena and Trivedi, 2012).

Nowadays, many companies and/or governments require a secure system and/or an accurate Intrusion Detection System (IDS) to defend their network services and the user’s private information. Kato and Klyuev, (2014) research further on network security, and they deduce DDoS attacks jam the network service of the target using multiple bots hijacked by crackers and send numerous packets to the target server.

Servers of many companies and/or governments have been victims of the attacks. In such an attack, detecting the crackers is extremely difficult, because they only send a command by multiple bots from another network and then leave the bots quickly after command execute.

In general, detection is required before the spread of a DDoS attack. DDoS detection is often part of a wider intrusion detection system (IDS). IDS can be classified based on the serving component (the audit source location) as either host-based, network-based or a combination of both. The host-based is usually located in a single host while the network-based system is usually located on machine separate from the hosts that it protects. Hybrid intrusion detection systems combine both the network and host-based systems (Alenezi and Reed, 2012).

There are two general forms of DoS attacks: those that crash services and those that flood services. DoS attacks are implemented by either forcing the targeted computer to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately (Silica Kole, 2013).

1.2       STATEMENT OF THE PROBLEM

Firstly, with the relatively immature network infrastructure, many network operators don’t have the ability to inspect network traffic well enough to distinguish DDoS attacks from harmless traffic. Secondly, gateways that link IPv4 and IPv6 must store lots of ‘state’ information about the network traffic they handle, and that essentially makes them weaker and breakable. Divers challenges has been encountered in the network environment, where attackers spoof source IP addresses, and send out an indefinite quantity of packets attack that is above the average size or magnitude of IP addresses space. which consumes bandwidth, memory, CPU cycles, and any other resource that is necessary for normal operation. Due to the fact that IP’s occupies such a relatively small space, Internet security implementations are not taken into full consideration. This leaves a lot of networks vulnerable to various DDoS attacks. DDoS (such as SYN Flood) attack has posed a lot of threat on IP’s.

Various algorithms and models has been used to effectively address this problem. It is very important to develop a system capable of detecting various forms of attack on IP’s. Neural systems have effective learning calculations, and had been introduced as a contrasting option to computerize the improvement of tuning fuzzy frameworks.Neural systems present its computational attributes of learning in the fuzzy frameworks and get from them the translation and clarity of frameworks representation.This project work will make use of a model and algorithm to effectively address these situations.

 

1.3      MOTIVATION          

The motivations for this research study are:

  1. There is a need to adequately address and examine communication interrupt caused by various DDoS attack (such as SYN Flood) on Internet Protocols (Ipv4 and Ipv6) between client and server on a network, because it has posed a lot of threats and damages on the system as a whole.
  2. Due to attacks on network of user Internet protocols, there is a need to gain adequate knowledge on network attacks and how to address those attack issues, using a more efficient security technique and methodology.
  • IP address spoofing that allows denial of service attack needs to be addressed to protect and help maintain the performance of computer systems and to protect information.
  1. And then of the neural networks (ANFIS) have learning capacity, generalization capacity, and also very efficient.

 

1.4       AIM AND OBJECTIVES

The project aim is to simulate and detect DDoS (TCP SYN) Flooding attacks on IPV4 and IPV6 using an ANFIS model and Neuro-Fuzzy algorithm to compare the performance analysis.

OBJECTIVES

  1. To use an ANFIS model and Neuro-Fuzzy algorithm to detect DDoS attacks on IPv4 and IPv
  2. To gather, pre-process, train and test data for the experiment in (i).
  • To implement a protocol that will be helpful to detect and trace back the source of DDoS attacks on IPv4 and IPv6.

1.5       CONTRIBUTION TO KNOWLEDGE

This research work will make use of the proposed system to assist with prompt and accurate detection of DDoS attack on Ipv4 and Ipv6 so as to be able to ascertain the performance analysis of various network traffic and able to deduce the most suitable protocol for a particular network.

 

1.6       PROJECT ARRANGEMENT

Chapter one: Is the introduction of the project and it comprises background, statement of the problem, motivation, project aim and objectives, project methodology, contribution to knowledge and definitions of some terms used.

Chapter two: Contains an extensive literaturereview on various DDoS attacks. This will provide an in-depth knowledge of how to mitigate various form attacks.

Chapter three: Contains research methodology and it comprises requirement specification, analysis, design and also contains UML (Unified Modelling Language) diagrams that describes how the system works.

Chapter four: Contains the implantation procedure which consist of screen shots of the results and detailed discussion on how each component of the system works.

Chapter five: Conclusion of the work and proffers recommendation.

DOWNLOAD COMPLETE WORK

DISCLAIMER: All project works, files and documents posted on this website, eProjectTopics.com are the property/copyright of their respective owners. They are for research reference/guidance purposes only and some of the works may be crowd-sourced. Please don’t submit someone’s work as your own to avoid plagiarism and its consequences. Use it as a reference/citation/guidance purpose only and not copy the work word for word (verbatim). The paper should be used as a guide or framework for your own paper. The contents of this paper should be able to help you in generating new ideas and thoughts for your own study. eProjectTopics.com is a repository of research works where works are uploaded for research guidance. Our aim of providing this work is to help you eradicate the stress of going from one school library to another in search of research materials. This is a legal service because all tertiary institutions permit their students to read previous works, projects, books, articles, journals or papers while developing their own works. This is where the need for literature review comes in. “What a good artist understands is that nothing comes from nowhere. The paid subscription on eProjectTopics.com is a means by which the website is maintained to support Open Education. If you see your work posted here by any means, and you want it to be removed/credited, please contact us with the web address link to the work. We will reply to and honour every request. Please notice it may take up to 24 – 48 hours to process your request.

WeCreativez WhatsApp Support
Administrator (Online)
Hello and welcome. I am online and ready to help you via WhatsApp chat. Let me know if you need my assistance.