Highspeed and flexible source-end DDoS protection system using IXP2400 network processor

Authors:
Djakhongir Siradjev;Qiao Ke;JeongKi Park;Young-Tak Kim
Affiliations:
Dept. of Information & Communication Engineering, Graduate School, Yeungnam University, Gyeongsan-Si, Gyeongbook, Korea;Dept. of Information & Communication Engineering, Graduate School, Yeungnam University, Gyeongsan-Si, Gyeongbook, Korea;Dept. of Information & Communication Engineering, Graduate School, Yeungnam University, Gyeongsan-Si, Gyeongbook, Korea;Dept. of Information & Communication Engineering, Graduate School, Yeungnam University, Gyeongsan-Si, Gyeongbook, Korea
Venue:
IPOM'07 Proceedings of the 7th IEEE international conference on IP operations and management
Year:
2007

Citing 5
Cited 0

A taxonomy of DDoS attack and DDoS defense mechanisms

ACM SIGCOMM Computer Communication Review
Change-Point Monitoring for the Detection of DoS Attacks

IEEE Transactions on Dependable and Secure Computing
Statistical-Based SYN-Flooding Detection Using Programmable Network Processor

ICITA '05 Proceedings of the Third International Conference on Information Technology and Applications (ICITA'05) Volume 2 - Volume 02
D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks

IEEE Transactions on Dependable and Secure Computing
Detecting distributed denial of service attacks by sharing distributed beliefs

ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper proposes an architecture of source-end DDoS protection system on IXP2400 network processor, which monitors traffic from the source network and polices traffic at the source without affecting the traffic from other network. The proposed architecture includes usual IPv4 forwarder with additional modules for source filtering, packet classification and flow control, and uses modified non-parametric CUSUM algorithm. We analyze the major shortcomings of previous approaches, and present basic performance analysis. The proposed system can handle 65,000 aggregated flows, and can operate at OC-48 line rate.