Title :
A Method Based on AMHI for DDoS Attacks Detection and Defense
Author :
Bu, Kai ; Sun, Zhixin
Author_Institution :
Inst. of Comput. Technol., Nanjing Univ. of Posts & Telecommun., Nanjing
Abstract :
The emergence of Distributed Denial of Service (DDoS) attack increases the destructive force of Denial of Service (DoS) attack drastically. Besides bringing more terrible threats, the attack from far and near and the employment of internet protocol (IP) spoofing make the abnormal traffic detection harder and harder. This paper proposes a mechanism defined as AMHI (Address Matching and Hash Inspection) and a method based on it for DDoS attacks detection and defense. Through the simulation experiment, the Address Matching and backup Hash Inspection operations to the suspicious traffic implemented on router interface for local subnet can detect and defend DDoS attacks effectively even when using IP Spoofing. In addition, this method can also decrease a mass of statistical work for the routers, and to some extent ease the pressure of heavy traffic caused by attacks.
Keywords :
IP networks; cryptography; inspection; network interfaces; pattern matching; telecommunication network routing; telecommunication security; telecommunication traffic; transport protocols; DDoS attacks detection; address matching operation; backup hash inspection operation; distributed denial of service; internet protocol spoofing; router interface; traffic detection; Computer crime; Distributed computing; Inspection; Internet; Laboratories; Network servers; Protocols; Telecommunication computing; Telecommunication traffic; Traffic control; Distributed denial of service; abnormal traffic; attack identification; network security;
Conference_Titel :
Young Computer Scientists, 2008. ICYCS 2008. The 9th International Conference for
Conference_Location :
Hunan
Print_ISBN :
978-0-7695-3398-8
Electronic_ISBN :
978-0-7695-3398-8
DOI :
10.1109/ICYCS.2008.324
