Distributed defense of distributed DoS using pushback and communicate mechanism

Abstract

DDoS is one of the most dangerous methods to attack victim network because it uses a vast quantity of distributed agents to make victim paralyze. This paper gives a DDoS defense method which is based on “pushback and communicate” idea (PaC method). When the gateway of victim detects DDoS attack, it has to listen on interfaces to define the neighbors from which DDoS packets come. Those neighbors will receive DDoS information and do same things the victim's gateway does. By repeating that work, PaC can find the exact way DDoS packets had passed through. All routers then continue creating their own filters before sending DDoS information to their next neighbors.