A new active DDoS defense system based on automatic learning
ASIAN'05 Proceedings of the 10th Asian Computing Science conference on Advances in computer science: data management on the web
| Hi-index | 0.00 |
Denial of Service (DoS) attacks represent, in today's Internet, one of the most complex issues to address. A session is under a DoS attack if it cannot achieve its intended throughput due to the misbehavior of other sessions. Many research studies dealt with DoS, proposing modelsand/or architectures mostly based on an attack prevention approach. Prevention techniques lead to different models, each suitable for a single type of misbehavior, but do not guarantee the protection of a system from a more general DoS attack. In this work we analyze the fundamental requirements to be satisfied in order to protect hosts and routers from any form of Distributed DoS (DDoS). Then we propose a network signaling protocol, named Active Security Protocol (ASP), which satisfies most of the defined requirements. ASP provides an active protection from a DDoS attack, being able to adapt its defense strategies to the current type of violation. Protocol specification and design are performed using an object oriented methodology: we used Unified Modeling Language (UML) as a software description language.