Title :
Swing - A Novel Mechanism Inspired by Shim6 Address-Switch Conception to Limit the Effectiveness of DoS Attacks
Author :
Cheng, Xiangbin ; Bi, Jun ; Li, Xing
Author_Institution :
Network Res. Center, Tsinghua Univ., Beijing
Abstract :
Denial-of-Service (DoS) attacks play a significant role among all the network security issues today. In this paper, we present a mechanism (called Swing) to limit the effectiveness of DoS attacks. Inspired by the address-switch conception of the newly proposed shim6 protocol, Swing tries to protect servers from attacks by using a new strategy. In the mechanism, when a DoS attack is detected, the server will automatically change its address to get rid of the attack. Meanwhile, existing connections from normal clients will be kept using an address-switch protocol like shim6. A p2p network is included in the mechanism to help clients establish new connections to the server under attack situations, and side equipments are deployed near the server to monitor and reshape the network flow. This mechanism suggests a new kind of strategy to defend DoS attacks, and provides a resilient and effective solution.
Keywords :
peer-to-peer computing; security of data; P2P network; Shim6 address-switch conception; Swing; denial-of-service attacks; network security; Computer crime; Costs; Information filtering; Information filters; Monitoring; Network servers; Network topology; Protection; Protocols; Switches; DoS attack; IPv6; Shim6;
Conference_Titel :
Networking, 2008. ICN 2008. Seventh International Conference on
Conference_Location :
Cancun
Print_ISBN :
978-0-7695-3106-9
Electronic_ISBN :
978-0-7695-3106-9
DOI :
10.1109/ICN.2008.79
