DOSPREVENT: A PROACTIVE DENIAL OF SERVICE (DOS) ATTACK PREVENTION TOOL AGAINST CRITICAL INFORMATION INFRASTRUCTURE

Abstract

Denial of service (DoS) attack is generally a malware attack to overwhelm a computer system, websites or network with unwarranted excessive traffic hence making it inaccessible to genuine users. Denial of service (DoS) attacks pose a significant threat to critical information infrastructure (CII) networks as they can disrupt essential services and potentially cause widespread damage to the infrastructure. This attack aimed at overcoming the availability of the information infrastructure’s network with a huge number of traffic hence making it unavailable for business activities. This work proposes a preventive approach to tackle the issue of DoS attacks on critical information infrastructures using a packet filtering approach. The algorithm attempts to filter incoming packets and get their time-to-life value which was then used to determine the hop-count computation detecting DoS packets from legitimate packets. The hop-count gives accurate detection with 0.05% false positive with an accuracy of 97%. The system monitors the packets coming into the information infrastructure’s network and proactively detect DoS attack before damaging the system. The proposed system is a preventive measure for CII against DoS attack.