Protection mechanism against ddos attack intended to block account

Objective. The aim of the study is a software analysis of a cyber attack carried out to block accounts and implement protection of the protection mechanism. Method. The study is based on the use of the PHP programming language in the PhpStorm IDE environment from JetBrains. In addition to this language, the CSS and JS layout languages, the HTML markup language were used. Result. A DDoS attack of the account blocking type, its possible consequences and existing protection mechanisms are considered in detail. Also, in order to counteract the implementation of this attack, a modification of the algorithm is proposed, which can significantly reduce the likelihood of its successful implementation. The result of this work is the developed software tool and a comparative analysis with similar products on the market. Conclusion. Ready-made software solutions are analyzed and a protection mechanism is developed, which is a modern solution that provides reliable protection of user accounts and protected from attacks directed at them.

1. Razumov P.V., Safaryan O.A., Cherckesova L.V., et all. “Developing of Algorithm of HTTP Flood DDoS Protection”, IEEE 3rd International Conference on Computer Applications & Information Security, IEEE ICCAIS’20. Saudi Arabia, Er-Riyadh, 2020. p.6.

2. Burnett M., Foster J. “Hacking the Code”, ASP.NET Web Application Security, 2004.

3. Babenko, L.K. Modern block cipher algorithms and methods of their analysis: a tutorial for university students / L.K. Babenko, E.A. Ishchukova. - Moscow: Helios ARV, 2006. 376 p.

4. Starikov A.A., Lysenko A.V., Klevtsov A.A. Development and analysis of the performance of the block symmetric encryption algorithm AES using various programming languages, Young researcher of the Don, 2022;4 (37)

5. Baranova E.K., Gyrnets K.V. Modeling and analysis of security and risk in complex systems Proceedings of the International Scientific School of the International Academy of Sciences of the Russian Academy of Sciences. 2016. St. Petersburg. GUAP, 2016. Pp. 155–161.

6. Panasenko S.P. Encryption algorithms. Special reference book. St. Petersburg. BHV-Petersburg, 2009:576

7. Habr. How AES works/habr.com: [site]. URL: https://habr.com/ru/post/112733/ (date of receipt: 02.05.20 22).

8. Al-Odat Z., Abbas A., Khan S. Randomness Analyzes of the Secure Hash Algorithms, SHA-1, SHA-2 and modified SHA, 2019 International Conference on Frontiers of Information Technology (FIT), 2019. Pp. 3160-3165. doi: 10.1109/FIT47737.2019.00066

9. Karthiga S., Velmurugan T. Security based Approach of SHA-384 AND SHA–512. Algorithms in Cloud Environment. J. of Computer Science, 2019;16(10):1439–1450. DOI:10.3844/jcssp.2020.1439.1450

10. Dong X., Sun S., Shi D. Quantum Collision Attacks on AES-like Hashing with Low Quantum Random Access Memories, Advances in Cryptology. ASIACRYPT–2020, South Korea, Daejeon, Springer International Publishing, Vol. 12492. Pp.727–757 DOI: 10.1007/978-3-030-64834-3

11. Razumov P., Safaryan O., Cherckesova L., et all. IAS’2019 Cryptographic Protocol Allowing to Protect the Key in the Open Communication Channel, 3rd International Conference on Computer Applications & Information Security, 2020;1–5.DOI:10.1109 HYPERLINK http://dx.doi.org/10.1109/ICCAIS48893.2020.9096729"

12. Korochentsev D.A., Cherkesova L.V., Revyakina E.A. et al. Import-substituting technologies for ensuring information security and data protection: Tutorial. Rostov-on-Don: DSTU, 2021 – 335 p.

13. Shui Yu. Distributed Denial of Service Attack and Defense”, Springer Briefs in Computer Science, 2014

14. Özçelik İ., Brooks R. Distributed Denial of Service Attacks, Chapman and Hall / CRC, 2020

15. Ibrahim S.A., Mohammad S., Khader S. Proc. Computer Science. Chapman and Hall/CRC, 2016, Pp. 7–15 16. PHP. Reference / php.net: [site]. URL: https://www.php.net/ (date obr. 01.05.2022)