A DDoS-Oriented Distributed Defense Framework Based on Edge Router Feedbacks in Autonomous Systems

Author

Bi, Xiaoming ; Tan, Wenan ; Xiao, RuoHui

Author_Institution

Wenzhou Vocational Coll. of Sci. & Technol., Wenzhou

fYear

2008

fDate

18-20 Oct. 2008

Firstpage

132

Lastpage

135

Abstract

Distributed defense of distributed denial of service (DDoS) is one of the main research areas in DDoS recently. It is preferred to be conducted as the control-based defense. However, some existed methods have their respective disadvantages, such as efficiency, privacy. Therefore, a DDoS-oriented distributed defense framework based on the edge router feedbacks in autonomous systems (AS) is proposed to thwart the attack traffic in the boundary of AS near to the attacking sources. In the attacks, by measuring its ingress traffic rate the victim sends the feedbacks to the edge routers, as a result that malicious traffic is effectively filtered in AS boundary. The experiments show that the distributed defense framework can effectively guarantee the survival rate of legitimate flows and protect the victims in AS from DDoS.

Keywords

Internet; mathematical analysis; telecommunication network routing; telecommunication security; DDoS-oriented distributed defense framework; Internet autonomous system; Internet security; distributed denial-of-service attack traffic; edge router feedback; mathematical analysis; Algorithm design and analysis; Computer crime; Distributed computing; Feedback; Floods; Information filtering; Information filters; Internet; Physics computing; Telecommunication traffic; DDoS; Distributed Defense; Edge Router;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer and Computational Sciences, 2008. IMSCCS '08. International Multisymposiums on

Conference_Location

Shanghai

Print_ISBN

978-0-7695-3430-5

Type

conf

DOI

10.1109/IMSCCS.2008.10

Filename

4760310