Title :
An Effective Priority Queue-Based Scheme to Alleviate Malicious Packet Flows from Distributed DoS Attacks
Author :
Lin, Chu-Hsing ; Liu, Jung-Chun ; Jiang, Fuu-Cheng ; Kuo, Chien-Ting
Author_Institution :
Dept. of Comput. Sci. & Inf. Eng., Tunghai Univ., Taichung
Abstract :
A Distributed Denial-of-Service attack affects the bandwidth or resources of a targeted system. By flooding networks and disrupting access to services, it may cause damage on multimedia network services and Internet Service Providers. In the paper, we propose to analyze the behavior of packet flows and adopt a priority queue-based algorithm that assign packets from normal users to a high priority queue and packets from suspected attackers to a low priority queue. Simulations in network simulator, NS2, prove our proposed priority queue-based scheme is effective in blocking attacking traffic while maintaining constant flows for legitimate users.
Keywords :
computer networks; queueing theory; security of data; Internet service providers; distributed DoS attacks; distributed denial-of-service attack; malicious packet flows; multimedia network services; priority queue-based scheme; Algorithm design and analysis; Bandwidth; Computer crime; Computer networks; Intrusion detection; Queueing analysis; Signal processing algorithms; Telecommunication traffic; Throughput; Traffic control; DDoS attack; QoS; network simulator; priority queue;
Conference_Titel :
Intelligent Information Hiding and Multimedia Signal Processing, 2008. IIHMSP '08 International Conference on
Conference_Location :
Harbin
Print_ISBN :
978-0-7695-3278-3
DOI :
10.1109/IIH-MSP.2008.270