Demonstrate the application of the concept of Spread Identity to enhance security on Internet against DDoS attacks

The importance of security over the internet is increasing by the day. Security is important not only for the individual user but also for the many businesses, servers that are operative of the internet. These are particularly susceptible to types of attacks called Distributed Denial of Service (DDoS) Attacks. Spread-Identity is a new concept that can be used to improve Internet security. In this approach, we dynamically spread (and shrink) the identity of a resource and dynamically bind the identities to the resources. The identity of a host on internet is its IP address. So in this approach we dynamically assign different IP addresses to a host. We have simulated the spread identity mechanism to demonstrate the application of this paradigm to the internet. We further demonstrate how this paradigm can be effectively used to mitigate the threat of the DDoS Attacks. To prove the feasibility of the Spread Identity approach, we first demonstrate its scalability by testing the response time/throughput of the servers with increasing number of clients and prove that the performance is not affected significantly.;Then to prove the effectiveness of this approach to mitigate DDOS attacks, we will show that intrusion detection is possible: i.e., the attacking users can be identified - this is the first step before the preventive action can be taken (maybe by redirecting traffic, we have used the approach of dropping packets from affected domain for simulation purposes). Also to demonstrate the efficacy of the approach to keep the servers operative in the face of the attacks, we have monitored the bandwidth of the bottleneck link, when under attack and proven how DDOS attacks can be mitigated with our approach.