Abstract
Distributed Denial of Service (DDoS) attacks are among the more serious threats currently faced by Internet-based companies. In this study, we address DDoS attacks by proposing a dynamic reactive defense system that detects and prioritizes the malicious traffic flows directed at a target system. Approach: The proposed scheme identifies the most critical flow in the attack traffic based on the strength of the malicious flow and the duration of attack persistence, and applies adaptive rate limiting to each individual flow instead of a fixed rate limit on the collective attack flow. Results: The scheme reacts very quickly to any changes in the network state. The results observed on the dataset show that the proposed scheme detects the onset of attacks very early and reacts to the threat by rate limiting the malicious flow. Conclusion: The proposed system can be successfully implemented as an autonomous defense system that limits damage to the victim by limiting the malicious flows towards the target system with a higher degree of accuracy.