Sciweavers

ICNP
2002
IEEE

Attacking DDoS at the Source

14 years 4 months ago
Attacking DDoS at the Source
Distributed denial-of-service (DDoS) attacks present an Internet-wide threat. We propose D-WARD, a DDoS defense system deployed at source-end networks that autonomously detects and stops attacks originating from these networks. Attacks are detected by the constant monitoring of two-way traffic flows between the network and the rest of the Internet and periodic comparison with normal flow models. Mismatching flows are rate-limited in proportion to their aggressiveness. D-WARD offers good service to legitimate traffic even during an attack, while effectively reducing DDoS traffic to a negligible level. A prototype of the system has been built in a Linux router. We show its effectiveness in various attack scenarios, discuss motivations for deployment, and describe associated costs.
Jelena Mirkovic, Gregory Prier, Peter L. Reiher
Added 14 Jul 2010
Updated 14 Jul 2010
Type Conference
Year 2002
Where ICNP
Authors Jelena Mirkovic, Gregory Prier, Peter L. Reiher
Comments (0)