1. Home
  2. Journals
  3. IJCSMT
  4. Abstract

INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND MATHEMATICAL THEORY (IJCSMT )

E-ISSN 2545-5699
P-ISSN 2695-1924
VOL. 9 NO. 4 2023

Analysis of Linux Kernel Iptables for Mitigating DDOS Attacks; A Component-Based Approach

Ike, Uche Kingsley , Ononiwu, Chamberlyn & Onumajuru, Joy Sonia

Abstract


Denial-of-Service (DoS) is a network security problem that constitutes a serious challenge to reliability of services deployed on the servers. DoS attacks aim is to exhaust a resource in the target system, reducing or completely subverting the availability of the service provided. Threat of DoS attacks has become even more severe with DDOS (Distributed Denial-of-Service) attacks. DDOS is an attempt by malicious users to carry out DoS attack indirectly with the help of many compromised computers on the Internet. Service providers are under mounting pressure to prevent, monitor and mitigate DoS/DDOS attacks directed towards their customers and their infrastructure. Defending against these types of attacks is not a trivial job, mainly due to the use of IP spoofing and the destination-based routing of the Internet. Literatures abound on DDOS attacks and mitigation strategies while many scholars attempt to demonstrate the effectiveness of one strategy against another. This paper however explores the Linux kernel firewall iptables, a defence-mechanism inherent in the Linux operating system capable of detecting intrusions and mitigating attacks. The paper is organized such that it presents the motivation for DDOS, various DDOS classifications and architecture, illustrates types of DDOS attacks and then extensively reviews iptables using a component based approach to show its efficient packet-filtering and analysis technique capable of mitigating DDOS attacks


keywords:

DoS, DDOS, Linux operating system, Security, Firewall, IP Tables.

References:


Abhilash, C.S. & Sunil, K.P. (2011) “Mitigation of Distributed Denial of Service (DDOS)
Threats”. Conference on advances in computational techniques (CACT)

Arun, R. & Selvakumar, S. (2011) “Distributed Denial of Service Attack Detection Using an
Ensemble of Natural Classifier”. International Journal of Computer Communication. Elsevier
publication United Kingdom vol. 34.

Gligor, V.D., & Yu, C.F. (1990) “A specification and verification method for presenting Denial of
Service. IEEE trans. Software, vol.6 issue 6.


DOWNLOAD PDF
Back

Call for Papers

VOL. 10 NO. 9

SEPTEMBER 2024 EDITION

Research Articles written in English are invited from interested scholars and researchers in the academic community and other establishment for publication in the following areas:
  1. Management Sciences
  2. Social Sciences
  3. Education
  4. Engineering
  5. Humanities
  6. Sciences

An Author who wishes to submit a manuscript should note that the manuscript has not been submitted elsewhere nor is it for consideration in another journal. The article should be the original work of the author. International Institute of Academic Research and Development (IIARD) welcomes and acknowledges high-quality theoretical and empirical original research papers from researchers, academicians, professional, practitioners, and students from all over the world.


LATEST UPDATES

  • crossref

    DOI (DIGITAL OBJECT IDENTIFIER) ISSUANCE

    We are pleased to inform you that IIARD is now a registered member of Crossref. Henceforth, we will be issuing DOI to every published article.

  • JOURNAL HARD COPIES ARE READY FOR DISPATCH

    All Journal hard copies are ready for dispatch. Corresponding authors are advice to submit their mailing addresses to editor@iiardjournals.org



Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License

© 2024 IIARD. All rights reserved