Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
A New Perspective in Defending against DDoS
FTDCS '04 Proceedings of the 10th IEEE International Workshop on Future Trends of Distributed Computing Systems
Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)
Filtering of Shrew DDoS Attacks in Frequency Domain
LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
SOS: an architecture for mitigating DDoS attacks
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
A scheme that defending against distributed denial of service (DDoS) attacks adopts the mechanism of Distribution-based Secure Overlay Nodes (DSON) to a large-scale ISP (Internet Service Provider) network is presented. The scheme uses local BPG announcement to divert traffic to the overlay network when experiencing high load, then filtering algorithm based on the technology of signal processing is applied to the diverted traffic. This algorithm detects and filters out DDoS attacks in frequency domain to allow targets to provide good service to legitimate traffic, with fast reaction and high energy ratio of legitimate to attacks traffic. DSON is implemented and installed on the monitor points of large-scale ISP network associated with the corresponding routers, edge router, border router, and core router, with no requirement for the modifying to network architecture, infrastructure, and protocol.