Defense against Bandwidth Attacks with Traffic Resource Management

In this paper, a framework is proposed to defend against Internet bandwidth attacks with traffic resource management to provide service for legitimate users. Denial of service (DoS) is one of the major bandwidth attacks in the Internet. A DoS attack generates a large volume of traffic to consume the network bandwidth and degrade the service that legitimate users can obtain. Incoming traffic to the server is monitored and features are extracted for each connection. Anomaly detection technique is used to detect the abnormal traffic. Based on the outcome of the anomaly detection technique, the proposed resource management approach allocates suitable bandwidth. With the early detection of DoS, the attack traffic can be isolated. The bandwidth occupied by the attack can be reduced and protected for the legitimate users. Performances are compared under different attack loads with and without resource management. Simulation results show that bandwidth can be greatly saved from an attack and the service for the legitimate users can be protected during an attack.