DocumentCode :
511637
Title :
An Active DDoS Defense Model Based on Packet Marking
Author :
Zhang, Yongping ; Wan, Zhuqing ; Wu, Mingming
Author_Institution :
Sch. of Comput. Sci. & Technol., China Univ. of Min. & Technol., Xuzhou, China
Volume :
1
fYear :
2009
fDate :
28-30 Oct. 2009
Firstpage :
435
Lastpage :
438
Abstract :
In the light of that the defense against DDoS attacks is difficult, an active DDoS defense model based on packet marking is proposed in this paper. The model is composed of the subsystem of the tracking of the attacks and the subsystem of filtering of the attack flows. The function of the former is to reconstruct the attack paths using the information from the marked packets while the function of the later is to filter the attacking packets according to the information obtained from the former. The model has a higher efficiency in reconstructing attack path by using a novel authenticated packet marking scheme for IP trace-back. So, it can correspond to the attack flow in a short time. In addition, flow detection and neural network is also used in the model so that the model is more powerful in the functions of identification and filtering of attack packets and protection of the legitimate flows.
Keywords :
information filtering; message authentication; neural nets; IP trace-back; active DDoS defense model; attack flow filtering; attack packet filtering identification; authenticated packet marking scheme; flow detection; legitimate flow protection; neural network; Active filters; Computer crime; Computer science; Electronic mail; Information filtering; Information filters; Neural networks; Protection; Telecommunication traffic; Traffic control; DDoS attack; active defense; neural network Introduction; packet filtering; packet marking;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Science and Engineering, 2009. WCSE '09. Second International Workshop on
Conference_Location :
Qingdao
Print_ISBN :
978-0-7695-3881-5
Type :
conf
DOI :
10.1109/WCSE.2009.704
Filename :
5403249
Link To Document :
بازگشت