A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Tracing Anonymous Packets to Their Approximate Source
LISA '00 Proceedings of the 14th USENIX conference on System administration
Survey of network-based defense mechanisms countering the DoS and DDoS problems
ACM Computing Surveys (CSUR)
RAD: Reflector Attack Defense Using Message Authentication Codes
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Shield: DoS filtering using traffic deflecting
ICNP '11 Proceedings of the 2011 19th IEEE International Conference on Network Protocols
Hi-index | 0.00 |
DDoS (distributed denial of service) attacks have gradually increased and have become more sophisticated. There have been several methods for defending against these attacks. However, because the types and scales of DDoS attacks have been diversified, it has become important to defend against DDoS attacks not only in main networks, but also in small scale networks such as AS (autonomous system). We have designed a DDoS defense system working inside AS without either changing the network structure or modifying the router. For this purpose, we have applied the Shield mechanism, which deals with the location problem in DDoS defense, and utilizes the routing updates protocol called RIP (routing information protocol), a representative protocol of IGP (interior gateway protocol). Moreover, we have also conducted experiments by using simulations to find the optimal number and locations of deployed systems.