After diagnosing the patient with a serious neurocognitive problem caused by Alzheimer's disease, the PMHNP should start the patient on anti-dementia medications (Stahl, 2013). In this scenario, I would recommend Aricept (Donepezil) 5 mg orally, preferably before bedtime. While Aricept does not have the protection and also the victim does not have the capability of accessing other networks such as the internet.
With the current technology, several challenges are in place concerning design and the implementation of the mechanism of DDoS that is effective. Some of them include;
Several quantities of unwitting types of participants
Lack of similar features of streams of DDoS
Use of legit models of traffic by the attackers
Lack administrative serving domain within the cooperation
Automated types of tools
Enclosed participants’ identities
Consistency in the security holes within the internet
Unavailability of information
Lack of standardized analysis and approaches towards testing
Hence, the below five principles are suggested for building a solution that is effective;
Because DDoS forms part of a distributed attack and also because of its big volume as well as the packet attack rates, distributed unlike the centralized type of defense forms the very first of DDoS defense.
High Normal Packet Survival Rarion (NPSR) thus leading fewer instance collateral damage forms the primary need for a DDoS type of defense.
The method of defense need to secure information for controlling messages based on confidentiality, sources integrity and freshness of the messages exchanged among the nodes of defense
Where centralized systems for control of autonomous system (AS) lacks within the internet, either partly or increasingly deployable model of defense that needs no centralized control will end up registering success
A system of defense must factor in the future compatibility matters such as the interface with other systems and negotiate varied policies of defense.
On the same note, below characteristics constitute an ideal model that is also effective against the incidence of DDoS attacks;
Must be used only during the times of attack and also during other times it must also enable the system to work in a normal way. Hence, it should allow for ready integration with the present settings or modifications
Must be capable of offering simple, easy and effective type of solution that leads the counteracting with the sources of attack during the prevention of the same attack
Must be capable of identifying the attack that happens to the victim and also preventing it close to the source of the attack.
Must be capable of preventing the existing attack from finding its way to the victim. In this case, the model must be in a position of differentiating between a malicious traffic from a regular benign type of flow through the incorporation of signatures of attack to various sources of attack
Must show quick response to any changes that happen in the pattern of attack traffic
Should stand a chance of offering retaining mechanisms of the evidence of attack for possible use in the legal types of proceedings
V. Filtering Techniques for DDoS Attacks Prevention
Below is a description of these techniques;
Techniques of filtration
Advantages
Disadvantages
Ingress/ Egress
-Prevention IP Spoofing
-Requires universal progress
- Attacks from definite IP addresses unavoidable
RPF ( Route based Packet Filtering)
-Work effectively with static routing
-Problem in the use of dynamic routing
-Requires wider effective implementation
History-based
-No need for cooperation of whole Internet Community.
-Prioritize on frequency of packets during incidences of attack
- Ineffective during incidences of definite addresses of IP
- Needs offline database for tracking addresses
-Rely on gathered information
Capability-based
-Offers destination as means of controlling the traffic it desires
-Increment in deployment
-Attacks against the request packets not avoidable (e.g., ROC attack)
-High computational complication and space needs
SOS
-Works effectively with set sources of identified communication channels
-Limited scope of the solution
-Needs use of new protocol of security that again is a threat
SAVE
-Filtering inefficient addressed packets is worthwhile
-Increasing deployment
Possible drop of packets during the time of transient
Table 1: filtering techniques for DDoS attacks prevention
Conclusion
DDoSS attack leads to the loss of share resources of the victim thus leading to the prevention of the legit users from gaining access to the respective resources. Also, DoS may aim at the certain computer components, the whole of the systems of a computer, part of the networking infrastructure and even the whole of the internet infrastructure. This review covered the problem’s overview of the DDoS, the present attack tools of DDoS, the defense challenges, and principles and the categories of the existing DDoS mechanism of prevention. In this case, it offers a good understanding of the problem and makes it possible for a security administrator in effectively equipping his tools with the proper mechanism of prevention that lead to handling the threats from DDoS. The present mechanism for prevention covered in this paper is not close to the desire to ensure the protection from DDoS attack. The major existing problem in place of several insecure machines within internet may lead to the compromisation towards the launching of large-scale coordinated DDoS attack.
Works Cited
Gupta, B. B., Ramesh Chandra Joshi, and Manoj Misra. "Distributed denial of service prevention techniques." arXiv preprint arXiv:1208.3557 (2012).
Zargar, Saman Taghavi, James Joshi, and David Tipper. "A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks." IEEE communications surveys & tutorials 15.4 (2013): 2046-2069.
Freiling, Felix, Thorsten Holz, and Georg Wicherski. "Botnet tracking: Exploring a root-cause methodology to prevent distributed denial-of-service attacks." Computer Security–ESORICS 2005 (2005): 319-335.
Chang, Rocky KC. "Defending against flooding-based distributed denial-of-service attacks: a tutorial." IEEE communications magazine 40.10 (2002): 42-51.
Mirkovic, Jelena, and Peter Reiher. "A taxonomy of DDoS attack and DDoS defense mechanisms." ACM SIGCOMM Computer Communication Review 34.2 (2004): 39-53.
Belissent, Jacques E. "Method and apparatus for preventing a denial of service (DOS) attack by selectively throttling TCP/IP requests." U.S. Patent No. 6,789,203. 7 Sep. 2004.
