An Effective ODAIDS-HPS Approach for Preventing, Detecting and Responding to DDoS Attacks

The main objective of the network security is to prevent DDoS (Distributed Denial of Service) attacks in inter-connected systems. Generally, DDoS attacks are attempted by hackers and explicitly block an authorized user from accessing their account and deny them the services they are entitled to. Hackers seek recourse to hacking using malware (i.e., Botnets) for increased access to and control of a large number of computers. Once the malicious system commences its nefarious activities, the attacks are carried out using a well-coordinated operation. After that, an expensive attack is done on more than one targeted machine. The main goal of intrusion detection system and research community working to prevent such attacks is designing a perfect security technique against the discovered and undiscovered DDoS attacks. However, the design of such a technique needs an awareness of the security problem and also the designed technique’s method used to detect, prevent and respond to different types of DDoS attacks. In this paper, a new Integrated Intrusion Detection System is proposed, namely, the Outlier Detection Approach based Intrusion Detection System-Honey Pot System (ODAIDS-HPS) to detect, prevent, and respond to various kinds of DDoS attacks. The proposed work is done in three phases, such as DDoS Detection, Prevention and responding to DDoS attackers. The first two phases are resolved by Intrusion Detection System from utilizing the Outlier Detection Approach to detect the malicious information received from unauthorized users. In the third phase, a new honeypot system is proposed to respond to unauthorized users with false information. The proposed system that is deployed on a trial basis is shown to prevent DDoS attacks far more effectively than any other tools or intrusion detection system.