Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
IEEE COMMUNICATIONS LETTERS, VOL. 10, NO. 11, NOVEMBER 2006 793 Differentiating Malicious DDoS Attack Traffic from
 

Summary: IEEE COMMUNICATIONS LETTERS, VOL. 10, NO. 11, NOVEMBER 2006 793
Differentiating Malicious DDoS Attack Traffic from
Normal TCP Flows by Proactive Tests
Zhiqiang Gao, Member, IEEE, and Nirwan Ansari, Senior Member, IEEE
Abstract-- To defend against distributed denial of service
(DDoS) attacks, one critical issue is to effectively isolate the attack
traffic from the normal ones. A novel DDoS defense scheme based
on TCP is hereby contrived because TCP is the dominant traffic
for both the normal and lethal flows in the Internet. Unlike
most of the previous DDoS defense schemes that are passive in
nature, the proposal uses proactive tests to identify and isolate
the malicious traffic. Simulation results validate the effectiveness
of our proposed scheme.
Index Terms-- DDoS defense, proactive test, TCP.
I. INTRODUCTION
DISTRIBUTED denial of service (DDoS) attacks are
probably the most ferocious threats to the integrity of
the Internet. It is well known that it is rather easy to launch,
but difficult to defend against, a DDoS attack. The underlying
reasons include (1) IP spoofing; (2) the distributed nature

  

Source: Ansari, Nirwan - Department of Electrical and Computer Engineering, New Jersey Institute of Technology

 

Collections: Engineering