High-speed router filter for blocking TCP flooding under DDoS attack

被引：5

作者：

Kim, Y ^{[1
]}

Jo, JY ^{[1
]}

Chao, HJ ^{[1
]}

Merat, F ^{[1
]}

机构：

[1] Case Western Reserve Univ, Elect Eng & Comp Sci Dept, Cleveland, OH 44106 USA

来源：

2003 IEEE INTERNATIONAL PERFORMANCE, COMPUTING, AND COMMUNICATIONS CONFERENCE PROCEEDINGS | 2003年

关键词：

D O I：

10.1109/PCCC.2003.1203698

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

We present a hardware solution that can reliably block most of the malicious TCP traffic at the edge routers while passing, the legitimate TCP traffic during the Distributed Denial-of-Service (DDoS) attack. By allocating bandwidths separately for TCP, the TCP portion of the bandwidth can be protected In simulation study, the filter successfully blocked 99.9% of the attack traffic while legitimate traffic showed nearly identical performance as in the non-attacked condition. This filtering is transparent to the hosts or routers and a filtering device can be easily attached to router ports.

引用

页码：183 / 190

页数：8

共 50 条

[1] High-Speed Network DDoS Attack Detection: A Survey
Haseeb-ur-rehman, Rana M. Abdul
Aman, Azana Hafizah Mohd
Hasan, Mohammad Kamrul
Ariffin, Khairul Akram Zainol
Namoun, Abdallah
Tufail, Ali
Kim, Ki-Hyung
SENSORS, 2023, 23 (15)
[2] A Lightweight Detection Using Bloom Filter against Flooding DDoS Attack
Choi, Sanghun
An, Yichen
Sasase, Iwao
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2020, E103D (12) : 2600 - 2610
[3] The Effect of Router Buffer Size on R-Bias in High-Speed variants of TCP
Haider, Aun
Nakao, Akihiro
PROCEEDINGS OF THE INTERNATIONAL SYMPOSIUM ON PERFORMANCE EVALUATION OF COMPUTER AND TELECOMMUNICATION SYSTEMS, 2009, 41 (04): : 319 - +
[4] Loss Synchronization, Router Buffer Sizing and High-Speed TCP Versions: Adding RED to the Mix
Hassayoun, Sofiane
Ros, David
2009 IEEE 34TH CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN 2009), 2009, : 569 - 576
[5] High-speed cell scheduling for router backplanes
Serpanos, DN
Antoniadis, PI
ATM 2000: PROCEEDINGS OF THE IEEE CONFERENCE 2000 ON HIGH PERFORMANCE SWITCHING AND ROUTING, 2000, : 65 - 71
[6] High-speed cell scheduling for router backplanes
Serpanos, D.N.
Antoniadis, P.I.
1600, IEEE, Piscataway, NJ, United States
[7] THE BAY BRIDGE - A HIGH-SPEED BRIDGE ROUTER
MCKEOWN, N
EDELL, R
LE, MT
IFIP TRANSACTIONS C-COMMUNICATION SYSTEMS, 1993, 9 : 203 - 218
[8] TCP Noordwijk for high-speed trains
Luglio, M.
Roseti, C.
Savone, G.
Zampognaro, F.
SPACOMN: 2009 FIRST INTERNATIONAL CONFERENCE ON ADVANCES IN SATELLITE AND SPACE COMMUNICATIONS, 2009, : 102 - 106
[9] A VLSI interval router for high-speed networks
Christian, BS
Zhang, CN
Mason, R
1996 CANADIAN CONFERENCE ON ELECTRICAL AND COMPUTER ENGINEERING - CONFERENCE PROCEEDINGS, VOLS I AND II: THEME - GLIMPSE INTO THE 21ST CENTURY, 1996, : 154 - 157
[10] Classifying DDoS packets in high-speed networks
Xiang, Yang
Zhou, Wanlei
INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2006, 6 (2B): : 107 - 115

← 1 2 3 4 5 →