D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks
IEEE Transactions on Dependable and Secure Computing
Monitoring the Macroscopic Effect of DDoS Flooding Attacks
IEEE Transactions on Dependable and Secure Computing
DDoS detection and traceback with decision tree and grey relational analysis
International Journal of Ad Hoc and Ubiquitous Computing
DoS protection for a pragmatic multiservice network based on programmable networks
AN'06 Proceedings of the First IFIP TC6 international conference on Autonomic Networking
A comprehensive categorization of DDoS attack and DDoS defense techniques
ADMA'06 Proceedings of the Second international conference on Advanced Data Mining and Applications
| Hi-index | 0.00 |
A successful source-end DDoS defense enables earlysuppression of the attack and minimizes collateral damage.However, such an approach faces many challenges: (a) distributingthe attack hinders detection; (b) defense systemsmust guarantee good service to legitimate traffic during theattack; and (c) deployment costs and false alarm levels mustbe sufficiently small and effectiveness must be high to providedeployment incentive. We discuss each of the challengesand describe one successful design of a source-endDDoS defense system - the D-WARD system. D-WARDwas implemented in a Linux router. We include experimentalresults to illustrate D-WARD's performance.