DDoS attacks are initiated from various locations around the world and can be started very easily. This can be achieved by thwarting access to virtually anything: servers, devices, services, networks, applications, and even specific transactions within applications. In a DoS attack, its one system that is sending the malicious data or requests; a DDoS attack comes from multiple systems. Generally, these attacks work by drowning a system with requests for data. This could be sending a web server

more »

... so many requests to serve a page that it crashes under the demand, or it could be a database being hit with a high volume of queries. The result is available internet bandwidth, CPU and RAM capacity becomes overwhelmed. Distinguishing between attack traffic and normal traffic is difficult, especially in the case of a application layer attack such as a botnet performing a HTTP Flood attack against a victim's server. Because each bot in a botnet makes seemingly legitimate network requests the traffic is not spoofed and may appear "normal" in origin. In this research propose DDoS attack mitigation framework, the framework composed two parts proactive approach and reactive approach, proactive approach further contain four components Secure software development life cycle, application load test application stress test and ddos incident response plan, while reactive approach contain eighth components bandwidth management, perimeter firewall, intrusion detection and prevention system, web application firewall, load balancer, endpoint security firewall, Dedicated DDoS mitigation device and monitoring, collectively this framework will help as to design such infrastructure which will be stopping DDoS attack enough so that they attacker cannot be easily breakdown and unavailability of the services should accessible.