Distributed Denial of Service (DDoS) attacks overwhelm servers by flooding them with a massive number of malicious requests, resulting in high latency, service unavailability, and potential system crashes.
This project implements a parallel, queue-based simulation system that detects and mitigates DDoS attacks before requests reach the server. A detailed comparison between sequential (single-threaded) and parallel (multi-threaded) execution is performed to analyze performance improvements on multi-core systems.
The primary focus is on system design, parallelism, scalability, and performance measurement, making this project highly aligned with systems and performance-oriented roles.
- Simulate legitimate and malicious (DDoS) traffic safely
- Filter requests using a queue-based mechanism
- Apply parallel programming to improve throughput
- Compare sequential vs parallel performance
- Measure execution time, server load, and scalability
- Demonstrate effective use of multi-core CPUs
Request Generator
↓
Bounded Request Queue
↓
Parallel Filter Workers
↓
Decision Engine
↙ ↘
Accept Drop
↓
Simulated Server
All incoming requests are first placed into a bounded queue. Multiple parallel worker threads analyze each request using rate-based heuristics. Malicious requests are dropped early, while valid requests are forwarded to the simulated server.
- Queue-Based Filtering: Prevents server overload during traffic bursts
- Dynamic Rate Limiting: Adaptive thresholds based on queue size
- Parallel Processing: Multiple worker threads process requests concurrently
- Server Load Simulation: Models real server processing delays
- Bounded Queue Protection: Prevents memory exhaustion
- Detailed Metrics: Tracks accepted, dropped, and misclassified requests
- Single filtering thread
- Requests processed one at a time
- High queue wait time under DDoS load
- Poor scalability
- Multiple worker threads
- Concurrent request analysis
- Lower latency and faster queue drainage
- Efficient multi-core utilization
- Total execution time (ms)
- Sequential vs parallel speedup
- Accepted legitimate requests
- Dropped malicious requests
- False positives and false negatives
- Server load under attack
Sequential Execution Time : 5420 ms Parallel Execution Time : 1820 ms Speedup Achieved : ~3x
Parallel processing significantly reduces execution time while maintaining similar detection accuracy, demonstrating the effectiveness of parallel filtering under high traffic load.
- Language: Java
- Concurrency: Java Multithreading (ExecutorService)
- Data Structures: BlockingQueue, ConcurrentHashMap, Atomic variables
- Simulation: Custom traffic and server workload modeling
- Clone the repository
- Compile the Java files
- Run
Main.java - Observe sequential and parallel performance metrics
This project intentionally avoids machine learning to focus on deterministic, low-latency filtering. ML models introduce inference overhead and require extensive training data, which may not be ideal for real-time mitigation during high-volume DDoS attacks.
- Machine learning-based adaptive detection
- Real-time deployment support
- Integration with firewall or IDS systems
- Hardware acceleration and OpenMP implementation
- Large-scale distributed simulations
This project demonstrates that parallel, queue-based request filtering is an effective strategy for mitigating DDoS attacks. The comparison study clearly shows that parallel programming significantly improves throughput and scalability while maintaining detection accuracy.
The system provides a strong foundation for real-world DDoS mitigation solutions and aligns well with modern multi-core processor architectures.
Navtej S. Nair
M.Tech Integrated Software Engineering
VIT Chennai