Title :
A DDoS Attack Defending Scheme Based on Network Processor
Author :
Xinlei, Li ; Kangfeng, Zheng ; Yixian, Yang
Abstract :
The distributed denial of service attacks have become more and more frequent and caused some fatal problems. Many researches have been done to detect and defend such attacks, however, many solutions are still in the phase of theoretical studies. Some of them may have certain practical value, but they have to reconstruct the existing network and the routing instruments with great cost. This paper proposes a DDoS attack defending scheme based on network processor. The scheme takes advantage of network processor´s powerful process ability to divide the network flow into different types firstly, and then uses a QoS mechanism to ensure essential communications as well as to eliminate the attack flow to the greatest extent. Experiment results show that the scheme can provide enough bandwidth for high priority flow, and effectively weaken the attack flow.
Keywords :
computer networks; quality of service; telecommunication network routing; telecommunication security; DDoS attack defending scheme; QoS mechanism; distributed denial of service attacks; network flow; network processor; process ability; routing instruments; Computer crime; Information security; Laboratories; Law; Legal factors; Packaging; Phase detection; Protection; Telecommunication switching; Telecommunication traffic; QoS; defending; distributed denial of service attacks; network processor;
Conference_Titel :
Information Engineering, 2009. ICIE '09. WASE International Conference on
Conference_Location :
Taiyuan, Chanxi
Print_ISBN :
978-0-7695-3679-8
DOI :
10.1109/ICIE.2009.107
