A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
Statistical-Based SYN-Flooding Detection Using Programmable Network Processor
ICITA '05 Proceedings of the Third International Conference on Information Technology and Applications (ICITA'05) Volume 2 - Volume 02
D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks
IEEE Transactions on Dependable and Secure Computing
Detecting distributed denial of service attacks by sharing distributed beliefs
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Hi-index | 0.00 |
This paper proposes an architecture of source-end DDoS protection system on IXP2400 network processor, which monitors traffic from the source network and polices traffic at the source without affecting the traffic from other network. The proposed architecture includes usual IPv4 forwarder with additional modules for source filtering, packet classification and flow control, and uses modified non-parametric CUSUM algorithm. We analyze the major shortcomings of previous approaches, and present basic performance analysis. The proposed system can handle 65,000 aggregated flows, and can operate at OC-48 line rate.