DoS Evading Mechanism upon Service Hopping

Abstract

Motivated by frequency hopping for military environment, this paper introduces a DoS/DDoS evading paradigm through service hopping technique, which changes the service information such as port number or network address pseudo-randomly. A skeleton of DoS evading is established upon hopping tactic. Thereafter, theoretical analysis of evading performance is carried out; experimental validation is well performed on a centralized hopping prototype and a distributed system. Our study shows that faster tactic of port and address hopping can be able to provide better service under DoS attacks; however, excessively faster scheme would cause much service problem because of transmission delay and traffic jam.