Title :
Mitigate DDoS attack using TTL buckets and host threatening index
Author :
Chen, Xi ; Xie, Gaogang ; Yang, Jianhua
Author_Institution :
Chinese Acad. of Sci., Software Sch. of Hunan Univ., Beijing
Abstract :
DDoS attack is one of the major threads of todaypsilas Internet. Defense against spoofed IP addresses is an efficiency way to mitigate the damage caused by DDoS attacks. HCF proposed by Haining Wang et al. can throttle most attacks while the filter being trained entirely. However, due to the growing of applications current network carried, the network trafficpsilas behavior has taken much more changes. It makes the training of HCF much more difficult to be entirely so the effectiveness of HCF decreased seriously. In this paper, a lightweight online method for mitigating DDoS attacks based on TTL bucket and host threatening index is proposed. Experimental results show that the proposed method significantly reduced false negative rate cause by high dynamic traffics.
Keywords :
IP networks; security of data; DDoS attack; TTL buckets; high dynamic traffics; host threatening index; lightweight online method; Computer crime; Information filtering; Information filters; Internet; Optical reflection; Peer to peer computing; Protocols; Routing; Telecommunication traffic; Yarn; DDoS defense; Host threatening index; TTL Buckets;
Conference_Titel :
Local Computer Networks, 2008. LCN 2008. 33rd IEEE Conference on
Conference_Location :
Montreal, Que
Print_ISBN :
978-1-4244-2412-2
Electronic_ISBN :
978-1-4244-2413-9
DOI :
10.1109/LCN.2008.4664221
