Sciweavers

JNCA
2007

Stateful DDoS attacks and targeted filtering

13 years 11 months ago
Stateful DDoS attacks and targeted filtering
The goal of a DDoS (distributed denial of service) attack is to completely tie up certain resources so that legitimate users are not able to access a service. It has long been an open security problem of the Internet. In this paper, we identify a class of stateful DDoS attacks that defeat the existing cookie-based solutions. To counter these attacks, we propose a new defense mechanism, called targeted filtering, which establishes filters at a firewall and automatically converges the filters to the flooding sources while leaving the rest of the Internet unblocked. We prove the correctness of the proposed defense mechanism, evaluate its efficiency by analysis and simulations, and establish its worst-case performance bounds in response to stateful DDoS attacks. We have also implemented a Linux-based prototype with experimental results that demonstrate the effectiveness of targeted filtering.
Shigang Chen, Yong Tang, Wenliang Du
Added 15 Dec 2010
Updated 15 Dec 2010
Type Journal
Year 2007
Where JNCA
Authors Shigang Chen, Yong Tang, Wenliang Du
Comments (0)