Abstract
Distributed-denial of-service (DDoS) flooding attacks aim to overcome the availability of an online service with massive traffic from multiple sources. By spoofing legitimate users, an attacker floods a target system with a high quantity of packets or connections to crash its network resources, bandwidth, equipment, or servers. Packet filtering methods are the most known way to prevent these attacks via identifying and blocking the spoofed attack from reaching its target. In this proposal, the extent of the DDoS flooding attack problem and attempts to prevent it are explored. The attacks categories and existing countermeasures based on preventing, detecting, and responding are reviewed. This project proposes filtering mechanism to prevent DDoS flooding attacks. Variety of packet filtering algorithms and statistical analysis will be tested to investigate the most accurate and efficient filtering.