Abstract
To solve the congestion problem, network nodes at near the zombies need to filter the attack traffic. But the amounts of attack packets are small at upstream node and it is hard to detect an occurrence of an attack. In this case, the network node near the protected site should perform attack detection. Our proposed system uses active network technology and allowing detecting attack at active router near protected server. This detecting process uses dynamic, adaptive detecting algorithm. Elementary classification will reduce network congestion and adaptive classification will reduce error detecting rate. Signatures which are created by these two classifications are transferred to other active routers. And then they perform filtering process based on signatures.
This work was supported by University IT research center of MIC.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Gibson, S.: The Strange Tale of the Denial of Service Attacks Against GRC.COM (2002), http://grc.com/dos/grcdos.htm
Snoeren, A., et al.: Hash-Based IP Traceback. In: Proc. ACM SIGCOMM (August 2000)
Savage, S., et al.: Practical Network Support for IP Traceback. In: Proc. ACM SIGCOMM (August 2000)
Ferguson, P., Senie, D.: Network Igress Filtering : Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing. RFC 2827 (May 2000)
Porras, P., Valdes, A.: Live Traffic Analysis of TCP/IP Gateways. In: Proc. Net. and (Mar. 1998)
Chang, R.K.C.: Defending against Flooding-Based Distributed Denial-of- Service A Tutorial. IEEE Communications Magazine (2002)
Feinstein, L., Schnackenberg, D., Balupari, R., Kindred, D.: Statistical Approaches to DDoS Attack Detection and Response. In: DARPA Information Survivability Conference and Exposition (DISCEX 2003), April 22-24 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hong, C.S., Kasahara, Y., Lee, D.H. (2004). DDoS Attack Defense Architecture Using Active Network Technology. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24707-4_104
Download citation
DOI: https://doi.org/10.1007/978-3-540-24707-4_104
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22054-1
Online ISBN: 978-3-540-24707-4
eBook Packages: Springer Book Archive