Title :
Mitigation of DDoS Attacks through Pushback and Resource Regulation
Author_Institution :
Sch. of Inf., Central Univ. of Finance & Econ., Beijing
Abstract :
The current Internet is vulnerable to attacks and failures. The past events have illustrated the Internet´s vulnerability to distributed denial of service (DDoS) attacks. This paper proposes a general, and not attack specific, defense strategy through pushback and resource regulation to mitigate the effect of such attacks. Routers cooperate with victim in implementing the defense strategy. Pushback based on the improved aggregate-based congestion control (IACC) algorithm applies to routers in order to defend bandwidth consumption attacks, while resource regulation applies to victim in order to defend resource consumption attacks. Through distributed detection and filter, the novel strategy can effectively mitigate the effect of the common DDoS attacks including the bandwidth consumption and resource consumption attacks.
Keywords :
Internet; computer network reliability; filtering theory; resource allocation; signal detection; telecommunication congestion control; telecommunication network routing; telecommunication security; DDoS attacks; Internet failure; aggregate-based congestion control algorithm; bandwidth consumption attacks; denial-of-service attacks; distributed detection; distributed filter; network routers; pushback regulation; resource regulation; Bandwidth; Computer crime; Electronic mail; Filters; Finance; Information technology; Kernel; Particle swarm optimization; Three-term control; Web and internet services; PID control; congestion control; distributed denial of service; particle swarm optimization; resource regulation;
Conference_Titel :
MultiMedia and Information Technology, 2008. MMIT '08. International Conference on
Conference_Location :
Three Gorges
Print_ISBN :
978-0-7695-3556-2
DOI :
10.1109/MMIT.2008.26
