Enhancing Internet robustness against malicious flows using active queue management

Attackers can easily modify the TCP control protocols of host computers to inject the malicious flows to the Internet. Including DDoS and worm attack flows, these malicious flows are unresponsive to the congestion control mechanism which is necessary to the equilibrium of the whole Internet. In this paper, a new scheme against the large scale malicious flows is proposed based on the principles of TCP congestion control. The kernel is to implement a new scheduling algorithm named as CCU (compare and control unresponsive flows) which is one sort of active queue management (AQM). According to the unresponsive characteristic of malicious flows, CCU algorithm relies on the two processes of malicious flows - detection and punishment. The elastics control mechanism of unresponsive flows benefits the AQM with the high performance and enhances the Internet robustness against malicious flows. The network resource can be regulated for the basic quality of service (QoS) demands of legal users. The experiments prove that CCU can detect and restrain responsive flows more accurately compared to other AQM algorithms.