BibTeX:

@article{IJIRSTV3I5018,
     title={Firewall Architecture to Prevent DoS Attacks using Rate Limiting and Software Puzzle Techniques},
     author={Nithun Chand O, Dr. S. Subasree and Girish R},
     journal={International Journal for Innovative Research in Science & Technology},
     volume={3},
     number={5},
     pages={78--85},
     year={},
     url={http://www.ijirst.org/articles/IJIRSTV3I5018.pdf},
     publisher={IJIRST (International Journal for Innovative Research in Science & Technology)},
}

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are major threat to the internet and is a serious cyber-crime. The rapid increase in number of people using internet and the development of technology has given birth to new virus and worms which can exploit our system. Attackers use the latest techniques to perform DoS attacks. There are numerous tools to perform DoS attack from millions of compromised system and can mess up any system or network in short period of time. There are many well-known counter measures available like puzzle based defense mechanism. However an attacker can inflate the ability of DoS attack in solving the puzzle by using cheap and widely available GPUs. Software Puzzles are effective against such resource inflated attacks. But this alone doesn’t has a strategy to avoid unfairly delay of time during slower traffic. In this work, we propose a simple firewall architecture to prevent DoS attacks and GPU inflated DoS attacks. The proposed architecture has three stages, (i) attack detection, (ii) rate limiting and (iii) software puzzle. The traffic is analyzed, and if there is a scenario of a heavy traffic or an attack, the rate limiting technique is executed and then software puzzle are given to each and every requests to prevent users from using GPUs to solve the puzzles.

Denial of Service, Distributed Denial of Service, GPU programming, Rate Limiting, Client Puzzle, Software Puzzle