Analysis and simulation of a fair queueing algorithm
SIGCOMM '89 Symposium proceedings on Communications architectures & protocols
Random early detection gateways for congestion avoidance
IEEE/ACM Transactions on Networking (TON)
Dynamics of random early detection
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
Summary cache: a scalable wide-area web cache sharing protocol
IEEE/ACM Transactions on Networking (TON)
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites
Proceedings of the 11th international conference on World Wide Web
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
Comparative Analysis of the Hardware Implementations of Hash Functions SHA-1 and SHA-512
ISC '02 Proceedings of the 5th International Conference on Information Security
A framework for classifying denial of service attacks
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Longest prefix matching using bloom filters
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Using Dynamic Buffer Limiting to Protect against Belligerent Flows in High-Speed Networks
ICNP '01 Proceedings of the Ninth International Conference on Network Protocols
Space-code bloom filter for efficient traffic flow measurement
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Duplicate detection in click streams
WWW '05 Proceedings of the 14th international conference on World Wide Web
A monitoring system for detecting repeated packets with applications to computer worms
International Journal of Information Security
Software performance of universal hash functions
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Transport-aware IP routers: a built-in protection mechanism to counter DDoS attacks
IEEE Transactions on Parallel and Distributed Systems
Hi-index | 0.00 |
Distributed denial of service (DDoS) is a serious threat to service availability that poses important concerns. Web-based organizations are under a great pressure to prevent, detect, react, and mitigate DDoS attacks which can lead to severe outages. The main contribution of this paper is a DDoS mitigation system based on Bloom filters, which has been prototyped in a Linux system and tested in our local laboratory. Our experiments show that our system is capable of attenuating the effects of a typical DDoS attack and is able to mitigate a large number of disrupting traffic.