Sciweavers

JSAC
2006

ALPi: A DDoS Defense System for High-Speed Networks

13 years 11 months ago
ALPi: A DDoS Defense System for High-Speed Networks
Distributed denial-of-service (DDoS) attacks pose a significant threat to the Internet. Most solutions proposed to-date face scalability problems as the size and speed of the network increase, with no widespread DDoS solution deployed in the industry. PacketScore has been proposed as a proactive DDoS defense scheme, which detects DDoS attacks, differentiates attack packets from legitimate ones with the use of packet scoring (where the score of a packet is calculated based on attribute values it possesses), and discards packets whose scores are lower than a dynamic threshold. In this paper, we propose ALPi, a new scheme which extends the packet scoring concept with reduced implementation complexity and enhanced performance. More specifically, a leaky-bucket overflow control scheme simplifies the score computation, and facilitates high-speed implementation. An attribute-value-variation scoring scheme analyzes the deviations of the current traffic attribute values, and increases the accur...
P. E. Ayres, H. Sun, H. Jonathan Chao, Wing Cheong
Added 13 Dec 2010
Updated 13 Dec 2010
Type Journal
Year 2006
Where JSAC
Authors P. E. Ayres, H. Sun, H. Jonathan Chao, Wing Cheong Lau
Comments (0)