CONTINUOUS AND RANDOM DROPPING BASED DISTRIBUTED REFLECTION DENIAL OF SERVICE ATTACK (CARD-DRDOSA) DETECTION, CONTROL AND PREVENTION TECHNIQUE IN MANET SOURISH MITRA, SAYANI CHANDRA, BIDYUTMALA SAHA, RAFIQUL ISLAM & NIRUPAM SAHA Guru Nanak Institute of Technology, Kolkata, West Bengal, India ABSTRACT In MANETs, DOS attacks not only consume the scarce system resources, such as bandwidth, battery energy, or CPU cycles, but also isolate legitimate users from a network. The DOS attacks may impact the network connectivity seriously and may further undermine the networking functions. In DDOS, many “zombies or daemons” computers performing a DOS attack on one computer, usually directed by one “master”. In this paper, we propose a simple and robust method to detect Distributed Reflective Denial of Service attacks. In DRDOS attacks, the victim is bombarded by reflected response packets from legitimate communicating nodes, and thus it is difficult to distinguish attack packets from legitimate packets. We focus on a proposed defense mechanism for dropping based DDOS attack based on concept of rate limiting the attack traffic. The proposed rate limiting scheme will penalize the different attackers based on their rate limits and server load. The rate limit value for each attacker is calculated dynamically. The victim end defense system decrease the rate limit exponentially & increase it linearly based on the attack traffic rate. Therefore, the proposed techniques in MANET are used for smooth and high data rate communication. Our approach is displayed in three phases as detection, control and preventi on, explained in “continuous and random dropping detection architecture”. In this paper, the proposed rate limiting scheme will penalize the different attackers based on their rate limits and server load. In this paper, the proposed work developed a continuous and random dropping detection mechanism which reduces deficiency of the reduction of Quality to the mobile nodes. KEYWORDS: Continuous and Random Dropping, Distributed Reflective Denial of Service (DRDOS) Attack, Packet Dropping, Rate Limit, Reduction of Quality INTRODUCTION Denial of Service (DOS) Attack The main aim of a DOS attack [1] is the interruption of services by attempting to limit access to a machine or service instead of subverting the service itself. This kind of attack aims at rendering a network incapable of providing normal service by targeting either the networks bandwidth or its connectivity. These attacks achieve their goal by sending at a victim a stream of packets that swamps his network or processing capacity denying access to his regular clients. In the not so distant past, there have been some large - scale attacks targeting high profile Internet sites [2]. When a victim detects a DOS attack, a widely used solution is tracing the DOS attack back towards its origin, and then stopping the attacker at the source. International Journal of Computer Networking, Wireless and Mobile Communications (IJCNWMC) ISSN 2250-1568 Vol. 3, Issue 4, Oct 2013, 127-134 © TJPRC Pvt. Ltd.