The explosive growth in computer systems and their interconnections via networks has increased the dependence of both organizations and individuals on the information stored and communicated using these systems. This has increased the need to protect the data and the resources from disclosure and to protect the entire network from network based attacks. There are many attacks intended to deprive legitimate users from accessing network resources and functions. Denial of service (DoS) attack is an attack on the availability of Internet services and resources. Flooding based distributed denial of service (DDOS) attack presents a very serious threat to the stability of the Internet. In spite of many intrusion detection mechanisms, many find it difficult to withstand against large scale attacks. We want to design a comprehensive mitigation mechanism against the DDoS attack. In this proposed system a comprehensive solution is given against the attack. In the proposed system the detection accuracy has been increased by varying the half-open connection lifetime. This work can be done by using consensus algorithms for exchanging the information between the detection systems. So the overall detection time would be reduced for global decision making.

Key words: DDOSattack, sequential test method, Consensus method.