Title :
Research on DDoS Filtering Algorithm Based on Bloom Filter WhiteList
Author :
Peng, Dan ; Chang, Guiran ; Guo, Rui ; Tang, Yanjun
Abstract :
With the DDoS (distributed denial of service) traffic which was implemented using depleted bandwidth is filtered by routers in high speed network, it is impossible for the victim to work on the individual level of on-going traffic flows. The scheme establishes the source and destination IP address database by observing the normal traffic and storages it in a Bloom Filter table. The Netflow statistics is mainly used to allocate the weights for traffic routing by routers. A new algorithm is thus proposed to get efficiently maximum throughput by the traffic filtering, and its feasibility and validity have been verified in real network circumstances. The algorithm shows its advantages that it just occupies a small part of resources. Moreover, it can optimize the network traffic simultaneously with defending against DDoS attack, thus eliminating efficiently the global burst of traffic arising from normal traffic so as to improve greatly the efficiency of servers.
Keywords :
filtering theory; genetic algorithms; telecommunication network routing; telecommunication traffic; Bloom filter table; DDoS filtering algorithm; IP address database; Netflow statistics; bloom filter white list; depleted bandwidth; distributed-denial-of-service traffic; genetic algorithm; high speed network; routers; traffic flows; traffic routing; Bandwidth; Computer crime; Databases; Filtering algorithms; Filters; High-speed networks; Routing; Statistics; Telecommunication traffic; Throughput; DDoS attack; Genetic algorithm; Netflow; Worm;
Conference_Titel :
MultiMedia and Information Technology, 2008. MMIT '08. International Conference on
Conference_Location :
Three Gorges
Print_ISBN :
978-0-7695-3556-2
DOI :
10.1109/MMIT.2008.105
