Title :
Research on Counter Bandwidth Depletion DDoS Attacks Based on Genetic Algorithm
Author :
Guo, Rui ; Chang, Guiran ; Hou, Ruidong ; Qin, Yuhai ; Sun, Baojing ; Liu, An ; Jia, Yan ; Peng, Dan
Author_Institution :
Northeastern Univ., Shenyang
Abstract :
In this paper, we advocate that routers will filter bandwidth depletion of DDoS traffic. It is our consideration that server owners who experience an attack should work with ISP routers to defend DDoS. The main idea is to use statistical approaches of Netflow to allocate weighted bandwidth at the routers. We propose a new algorithm based on genetic algorithm to filter traffic on routers and maximize goodput. The feasibility and effectiveness of our approach is validated by measuring the performance of an experimental prototype against a series of attacks. The advantages of the scheme are discussed and further research directions are given.
Keywords :
Internet; bandwidth allocation; file servers; filtering theory; genetic algorithms; security of data; statistical analysis; telecommunication network routing; telecommunication security; telecommunication traffic; DDoS; ISP routers; Netflow; bandwidth depletion filtering; distributed denial of service attack; genetic algorithm; server; statistical approaches; traffic filtering; weighted bandwidth allocation; Bandwidth; Computer crime; Counting circuits; Filtering; Filters; Genetic algorithms; Network servers; Protection; Sun; Telecommunication traffic;
Conference_Titel :
Natural Computation, 2007. ICNC 2007. Third International Conference on
Conference_Location :
Haikou
Print_ISBN :
978-0-7695-2875-5
DOI :
10.1109/ICNC.2007.619
