- Himanshu Purwar, Deepak Kumar, Akash Kaushal, Abhishek Kumar
As the number of IoT devices grows, so does the likelihood of DDoS attacks, because IoT devices are often poorly secured. Attackers can use compromised IoT devices as bots to flood a server with illegitimate traffic, so that normal users are unable to access the server properly.
In 2016, Dyn, a DNS service provider, was hit by a DDoS attack of roughly 1.2 Tbps. The attack caused mass disruption, bringing down the websites of over 80 of its customers. The attackers created a botnet of over 100,000 IoT devices using the Mirai malware. The infected devices ranged from printers to smart televisions and were all programmed to send requests to Dyn and overwhelm it with traffic.
In July 2016, Internet Service Providers in Mumbai were targeted in a DDoS attack said to be India's largest DDoS attack and the world's largest attack against ISPs. The attack had a magnitude of 200 gigabytes per second. As a result, several small and medium-sized ISPs were disrupted for more than a week.
The Dyn DDoS attack, with a magnitude of 1.2 Tbps, brought down much of the internet across the US and Europe. Using the Mirai botnet, the attack targeted Dyn, a company that controls much of the internet's DNS infrastructure.
Grum is a massive pharmaceutical spam botnet that was identified in 2008. It proved to be larger and more complex than experts had imagined. At the time of its demise in July 2012, it was able to send 18 billion spam emails per day. Law enforcement discovered 136,000 internet addresses that were sending spam for Grum.
Methbot is one of the biggest digital ad fraud malware operations, and it acquired thousands of IP addresses with US-based ISPs. The operators first created more than 6,000 domains and 250,267 distinct URLs that appeared to be from premium publishers, such as ESPN and Vogue. Later, video ads from malicious advertisers were posted on these websites, and bots were sent to “watch” around 30 million ads daily.
Our client, who provides web services to its users, always faces the threat of DDoS attacks interrupting those services. If a DDoS attack is performed through a large number of infected IoT devices (a botnet), the attack will be of large magnitude and it will not be possible to handle it.
The aim of our project is therefore to build a model for our client that will not only detect DDoS attacks performed through a good number of botnets but will also be able to mitigate them through various methods, depending on the strength of the attack.