Firewall rule with token bucket as a DDoS protection tool

The subject of this article are the security problems of network resources in computer networks. Presently the main problem of computer networks are Distributed Denial of Service attacks which can block them. The methods suggested by the literature that mostly base on using firewall and IDS/IPS mechanisms to fight the attacks are not sufficient enough. In this article the author presents a new method for counteracting DDoS attacks - firewall rule with token bucket implementation from Quality of Services method. This new concept is different than previous one, because it gives possibility for user to finish they work which was started before the DDoS attack occurs and they do not suffer from DDoS attacks. The proposed method has already been tested. The results presented in this article suggest that the method could be applied in practice. This article is a part of authors papers focused on IT security.