Skip to main content
SpringerLink
Log in

DDoS Attack Defense Architecture Using Active Network Technology

  • Conference paper
Computational Science and Its Applications – ICCSA 2004 (ICCSA 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3043))

Included in the following conference series:

  • 609 Accesses

Abstract

To solve the congestion problem, network nodes at near the zombies need to filter the attack traffic. But the amounts of attack packets are small at upstream node and it is hard to detect an occurrence of an attack. In this case, the network node near the protected site should perform attack detection. Our proposed system uses active network technology and allowing detecting attack at active router near protected server. This detecting process uses dynamic, adaptive detecting algorithm. Elementary classification will reduce network congestion and adaptive classification will reduce error detecting rate. Signatures which are created by these two classifications are transferred to other active routers. And then they perform filtering process based on signatures.

This work was supported by University IT research center of MIC.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 74.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Gibson, S.: The Strange Tale of the Denial of Service Attacks Against GRC.COM (2002), http://grc.com/dos/grcdos.htm

  2. Snoeren, A., et al.: Hash-Based IP Traceback. In: Proc. ACM SIGCOMM (August 2000)

    Google Scholar 

  3. Savage, S., et al.: Practical Network Support for IP Traceback. In: Proc. ACM SIGCOMM (August 2000)

    Google Scholar 

  4. Ferguson, P., Senie, D.: Network Igress Filtering : Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing. RFC 2827 (May 2000)

    Google Scholar 

  5. Porras, P., Valdes, A.: Live Traffic Analysis of TCP/IP Gateways. In: Proc. Net. and (Mar. 1998)

    Google Scholar 

  6. Chang, R.K.C.: Defending against Flooding-Based Distributed Denial-of- Service A Tutorial. IEEE Communications Magazine (2002)

    Google Scholar 

  7. Feinstein, L., Schnackenberg, D., Balupari, R., Kindred, D.: Statistical Approaches to DDoS Attack Detection and Response. In: DARPA Information Survivability Conference and Exposition (DISCEX 2003), April 22-24 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Electronics and Information, Kyung Hee University, 1 Seocheon Giheung Yongin, Gyeoggi, 449-701, KOREA

    Choong Seon Hong & Dea Hwan Lee

  2. Computing and Communications Center, Kyushu University, Hakozaki 6-10-1, Higashi-ku, Fukuoka, 812-8581, JAPAN

    Yoshiaki Kasahara

Authors
  1. Choong Seon Hong
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yoshiaki Kasahara
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dea Hwan Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Chemistry, University of Perugia, Via Elce di Sotto, 8, I-06123, Perugia, Italy

    Antonio Laganá

  2. Department of Computer Science, University of Calgary, 2500 University Drive N.W., T2N 1N4, Calgary, AB, Canada

    Marina L. Gavrilova

  3. William Norris Professor, Head of the Computer Science and Engineering Department, University of Minnesota, USA

    Vipin Kumar

  4. School of Computing, Soongsil University, Seoul, Korea

    Youngsong Mun

  5. OptimaNumerics Ltd., Cathedral House, 23-31 Waring Street, BT1 2DX, Belfast, UK

    C. J. Kenneth Tan

  6. Department of Mathematics and Computer Science, University of Perugia, via Vanvitelli, 1, I-06123, Perugia, Italy

    Osvaldo Gervasi

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hong, C.S., Kasahara, Y., Lee, D.H. (2004). DDoS Attack Defense Architecture Using Active Network Technology. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24707-4_104

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24707-4_104

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22054-1

  • Online ISBN: 978-3-540-24707-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation