Using Access Control List against Denial of service attacks

Hadya S.   Hawedi; Omran Ali  Bentaher; Kaled E. I.  Abodhir; Yousef  abuadlla

المؤلفون

Hadya S. Hawedi Faculty of information technology Al Asmarya university
Omran Ali Bentaher Higher institute of technology and science
Kaled E. I. Abodhir Faculty of economic Al Asmarya university
Yousef abuadlla Faculty of electrical engineering Al Jafara university

الملخص

The network security is very important in our daily life as people using the internet everywhere such as e-commerce, e-government, e-learning…..etc. One of the major threat on the network is denial of service attacks DoS. This paper studied DoS attacks, by launching them in a networked scenario and then demonstrated their effects. The objective of the study is to use Access control list ACL to stop these attacks. Wireshark had been used to monitor and analyze the flow of the packets. The administrator can decide whether there is DoS attacks or not based on server's resources (CPU usage, memory used) which are very high refer to unusual flood of packets. ACL has been used to stop the unusual flood. Cisco packet tracer had been used to demonstrate the DoS attacks and applied the ACL. This paper showed that the DoS attacks can be applied easily by the attackers and can be stopped easily using ACL by the administrator. The DoS attacks could be launched any way just the administrator has to stop it in early stage. This paper recommended that the administrators has to keep monitoring the network behaviors changes to stop the flooding.

المراجع

- R.K.C. Chang, “Defending against Flooding-Based Distributed denial-of-Service Attack: A Tutorial,” IEEE Communication Magazine, October 2002, 42-51.

- Ashima Jain ,Network Security-The Biggest Challenge in Communication, Advance in Electronic and Electric Engineering. Research India Publications,2013.

- Routing Protocols Companion Guide. Cisco Networking Academy - Computers - 2014.

- Dennis Eck, Access Control Lists to Protect a Network from Worm/DoS Attacks, CCNA, 2003. 5- Sílvia Farraposo, Network Security and DoS Attacks, 2005. 6- Ali kadhum m.Al-qurabat, Security Attacks, 2007.

- C. Joshi, and Manoj Misra, Distributed Denial of Service Prevention Techniques B. B. Gupta, IEEE,2010.

- Kavita Choudhary,Smurf Attacks: Attacks using ICMP, University, Gurgaon, Haryana, India 2011.

- Harshita, Detection and Prevention of ICMP Flood DDOS Attack, 2017.

- Marwan Darwish, Cloud-based DDoS Attacks and Defenses, Department of Electrical and Computer Engineering University of Western Ontario London, Canada ,2014.

- Eng.Alaa Arabiyat, Access Control Lists (ACLs),Advance Networks Laboratory , University of Jordan.

- Nancy Navato, Easy Steps to Cisco Extended Access List GSEC,2001