An effective DDoS attack detection and packet-filtering scheme
A distributed denial-of-service (DDoS) attack presents a very serious threat to the stability of the Internet. In a typical DDoS attack. a large number of compromised hosts are amassed to send useless packets to jam a victim or its Internet connection. or both. Defense against DDoS attacks as well as identification of their sources comprise demanding challenges in the realm of Internet security studies. In this paper, effective measures are proposed for detecting attacks in routers through the use of queuing models, which help detect attacks closer to the attack sources. Utilizing these measures, an effective DDoS attack detection and packet-filtering scheme is proposed. The suggested approach is a cooperative technique among routers intended to protect the network from persistent and severe congestion arising from a rapid increase in attack traffic. Through computer simulations, it is shown that the proposed scheme can trace attacks near to the attack sources, and can effectively filter attack packets.
- Issue Date
- 2006-07
- Language
- English
- Article Type
- Article
- Citation
IEICE TRANSACTIONS ON COMMUNICATIONS, v.E89B, pp.2033 - 2042
- ISSN
- 0916-8516
- Appears in Collection
- IE-Journal Papers(저널논문)
- Files in This Item
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 6 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.