Bandwidth is very crucial and limited resource available, so it should be properly utilized. Network congestion occurs when a link or node is carrying large amount of data in case of flood attack and quality of service deteriorates. Effects of flood attack include queuing delay, packet loss or the blocking of new connections. As a consequence incremental increases in offered load leads to either small increase in network throughput, or to an actual reduction in network throughput. Modern networks use congestion control and avoidance techniques to avoid such congestion collapses. One of widely used queuing algorithm is Drop Tail which is used in most of the routers to avoid congestion and to encourage smooth flow of packets. In this paper we propose a technique to better utilize bandwidth under flood attack. Simulations of the proposed technique have been carried out to compare it with the DropTail. Ns-2 is used as the simulation tool. In this simulation experiment, different types of traffic like tcp, udp are considered. Routers are attacked with different attack intensities to determine the effect of proposed method under various circumstances.

1. John Evans and Clarence Filsfils, “Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice", Morgan Kaufmann Publishers, 2007, ISBN 0-12-370549-5
2. Won Kim , Ok-RanJeong, Chulyun Kim and Jungmin So, “The dark side of the Internet : Attacks, costs and responses”, Journal of Information Systems, Vol. 36, No 3, May 2011, pp 675-705
3. Thuy T.T. Nguyen and Grenville Armitage, "A Survey of Techniques for Internet Traffic Classification using Machine Learning", IEEE Communications Surveys & Tutorials, Vol. 10, No. 4, 4th Quarter 2008, pp 56-76
4. Arthur Callado, Carlos Kamienski, Géza Szabó, Balázs Péter Ger?o, Judith Kelner, Stênio Fernandes and Djamel Sadok, "A Survey on Internet Traffic Identification", IEEE Communications Surveys & Tutorials, Vol. 11, No. 3, 3rd Quarter 2009, pp 37-52
5. Zhang Sheng, Zhang Qifei, Pan Xuezeng and Zhu Xuhui, "Detection of Low-rate DDoS Attack Based on Self-Similarity", 2nd International Workshop on Education Technology and Computer Science (ETCS), March 6-7, 2010, Wuhan, China, pp 333–336
6. Atul Kant Kaushik and R. C. Joshi, "Network Forensic System for ICMP Attacks", International Journal of Computer Applications, Vol. 2, No.3, May 2010, pp 14-21
7. S. Prabha and R. Anitha, "Mitigation of Application Traffic DDoS Attacks with Trust and AM Based HMM Models", International Journal of Computer Applications, Vol 6, No. 9, September 2010, pp 26-34
8. P. Rajapandian and K. Alagarsamy, "Intrusion Detection in Dos Attacks", International Journal of Computer Applications, Vol. 15, No. 8, February 2011, pp 33- 37
9. Raman Singh, Harish Kumar and R.K. Singla, "Review of Soft Computing in Malware Detection", International Journal of Computer Applications, Special Issue on IP Multimedia Communications, October 2011, pp 55-60
10. Shui Yu,Wanlei Zhou, Robin Doss and Weijia Jia, "Traceback of DDoS Attacks Using Entropy Variations", IEEE Transactions on Parallel and Distributed Systems, Vol. 22, No. 3, March 2011, pp 412-425
11. YiZhang and QiangLiu, "A Real-Time DDoS Attack Detection and Prevention System Based on per-IP Traffic Behavioral Analysis", 3rd IEEE International Conference on Computer Science and Information Technology (ICCSIT), July 9-11, 2010, Chengdu, China, pp 163-167
12. Xueping Chen, "Distributed Denial of Service Attack and Defense", International Conference on Educational and Information Technology (ICEIT), Sept. 17-19, 2010, Chongqing, China, Vol. 3, pp 318-320
13. S.H.C. Haris, R.B. Ahmad and M.A.H.A. Ghani, "Detecting TCP SYN Flood Attack based on Anomaly Detection", 2nd International Conference on Network Applications Protocols and Services (NETAPPS), September 22-23, 2010, Alor Setar, Kedah, Malaysia, pp 240-244
14. S. Tritilanunt, S. Sivakorn, C. Juengjincharoen and A. Siripornpisan, "Entropy-based Input-Output Traffic Mode Detection Scheme for DoS/DDoS Attacks", International Symposium on Communications and Information Technologies (ISCIT), October 26-29¸ 2010, Tokyo, Japan, pp 804-809
15. S. Bhatia, G. Mohay, A. Tickle and E. Ahmed, "Parametric Differences Between a Real-world Distributed Denial-of-Service Attack and a Flash Event", 6th International Conference on Availability, Reliability and Security, August 22-26, 2011, Vienna, Austria, pp 210-217
16. Hakem Beitollahi and Geert Deconinck, "A dependable architecture to mitigate distributed denial of service attacks on network-based control systems", International Journal of Critical Infrastructure Protection, Vol. 4, No. 3-4, December 2011, pp 107-123
17. Ryiochi Kawahara and Keiuski Ishibashi, “A method of bandwidth dimensioning and management for aggregated TCP flows with heterogeneous access links.” 11th International Symposium on Telecommunications Network Strategy and Planning, Vienna, Austria, June 13-16, 2004, pp 15-20
18. S. Blake, D. Black, M. Carlson, E. Davies, Z. Wang and W. Weiss, "An Architecture for Differentiated Services", IETF RFC 2475, 1998, pp 17
19. Eckberg, A.E., “B-ISDN/ATM traffic and congestion control”, IEEE Journal of Network, Vol. 6, No. 5, 1992, pp 28-37
20. Fraser K. and Pratt I., “Arsenic: a user-accessible gigabit Ethernet interface”, Proceedings of 20th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), April 22-26, 2001, Anchorage, USA, Vol. 1, pp 67-76
21. Campos F.H., Jeffay Kevin and Smith F.D., “Tracking the Evolution of Web Traffic: 1995-2003”, 11th IEEE/ACM International Symposium on Modeling
22. Analysis, and Simulation of Computer and Telecommunication System (MASCOTS), Orlando FL, October 12-15, 2003, pp 16-25
23. The Network Simulator Website [Online] http://www.isi.edu/nsnam/ns/ns-documentation.html Last seen on October 30, 2011

Network Congestion Bandwidth Management Drop Tail Queue Queuing Algorithms