Indian Journal of Science and Technology

Open Access Open Access  Restricted Access Subscription Access

Immediate Detection of DDoS Attacks with using NetFlow on Cisco Devices IOS


Affiliations
1 Computer Science and Information Technology, University of Malaya, Kuala Lumpur, Malaysia
 

Background/Objectives: DDoS attacks are usually detected by analysis of the applications that are installed in or close to the current system are carried out. Methods/Statistical Analysis: Although this method is easy to deploy, but nonurgent and sensitive detection of DDoS attacks that reasons are first, the fact that the write current by interrupting the current collector is normally the data for application analysis creates pieces that caused a delay of several minutes to be recognized. Second, if the attack traffic may be strengthened by the process of sending the original package small enough to be part of a small stream. Findings: In this research paper will show how to detect DDoS attacks on the sender instead of the current collection, the data close to the source and immediate fashion, which had access to a streaming surveillance infrastructure with development needs. In this study, to examine whether the detection system may operate on the same network platform is widely deployed Cisco IOS devices. Since the ultimate goal of the research is to identify the attackers and its objectives, the use of NetFlow. Applications/Improvements: In this paper, the DDoS attack detection prototype has been shown to produce a constant load on the underlying platform, even under attack, stressing that detects DDoS attack can be a Cisco Catalyst 6500 models used in production networks.

Keywords

Computer Network, Cisco IOS, Detection, DDoS Attack, NetFlow.
User

Abstract Views: 143

PDF Views: 0




  • Immediate Detection of DDoS Attacks with using NetFlow on Cisco Devices IOS

Abstract Views: 143  |  PDF Views: 0

Authors

Mahmoudreza Tahmassebpour
Computer Science and Information Technology, University of Malaya, Kuala Lumpur, Malaysia

Abstract


Background/Objectives: DDoS attacks are usually detected by analysis of the applications that are installed in or close to the current system are carried out. Methods/Statistical Analysis: Although this method is easy to deploy, but nonurgent and sensitive detection of DDoS attacks that reasons are first, the fact that the write current by interrupting the current collector is normally the data for application analysis creates pieces that caused a delay of several minutes to be recognized. Second, if the attack traffic may be strengthened by the process of sending the original package small enough to be part of a small stream. Findings: In this research paper will show how to detect DDoS attacks on the sender instead of the current collection, the data close to the source and immediate fashion, which had access to a streaming surveillance infrastructure with development needs. In this study, to examine whether the detection system may operate on the same network platform is widely deployed Cisco IOS devices. Since the ultimate goal of the research is to identify the attackers and its objectives, the use of NetFlow. Applications/Improvements: In this paper, the DDoS attack detection prototype has been shown to produce a constant load on the underlying platform, even under attack, stressing that detects DDoS attack can be a Cisco Catalyst 6500 models used in production networks.

Keywords


Computer Network, Cisco IOS, Detection, DDoS Attack, NetFlow.



DOI: https://doi.org/10.17485/ijst%2F2016%2Fv9i26%2F135198