基于回推和通信机制的分布式DoS防御

The 2011 International Conference on Advanced Technologies for Communications (ATC 2011) Pub Date : 2011-09-26 DOI:10.1109/ATC.2011.6027461

Trung Hai Nguyen, Cao Thanh Doan, Van Quan Nguyen, Thi Huyen Trang Nguyen, Minh Phuong Doan

{"title":"基于回推和通信机制的分布式DoS防御","authors":"Trung Hai Nguyen, Cao Thanh Doan, Van Quan Nguyen, Thi Huyen Trang Nguyen, Minh Phuong Doan","doi":"10.1109/ATC.2011.6027461","DOIUrl":null,"url":null,"abstract":"DDoS is one of the most dangerous methods to attack victim network because it uses a vast quantity of distributed agents to make victim paralyze. This paper gives a DDoS defense method which is based on “pushback and communicate” idea (PaC method). When the gateway of victim detects DDoS attack, it has to listen on interfaces to define the neighbors from which DDoS packets come. Those neighbors will receive DDoS information and do same things the victim's gateway does. By repeating that work, PaC can find the exact way DDoS packets had passed through. All routers then continue creating their own filters before sending DDoS information to their next neighbors.","PeriodicalId":221905,"journal":{"name":"The 2011 International Conference on Advanced Technologies for Communications (ATC 2011)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Distributed defense of distributed DoS using pushback and communicate mechanism\",\"authors\":\"Trung Hai Nguyen, Cao Thanh Doan, Van Quan Nguyen, Thi Huyen Trang Nguyen, Minh Phuong Doan\",\"doi\":\"10.1109/ATC.2011.6027461\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"DDoS is one of the most dangerous methods to attack victim network because it uses a vast quantity of distributed agents to make victim paralyze. This paper gives a DDoS defense method which is based on “pushback and communicate” idea (PaC method). When the gateway of victim detects DDoS attack, it has to listen on interfaces to define the neighbors from which DDoS packets come. Those neighbors will receive DDoS information and do same things the victim's gateway does. By repeating that work, PaC can find the exact way DDoS packets had passed through. All routers then continue creating their own filters before sending DDoS information to their next neighbors.\",\"PeriodicalId\":221905,\"journal\":{\"name\":\"The 2011 International Conference on Advanced Technologies for Communications (ATC 2011)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-09-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The 2011 International Conference on Advanced Technologies for Communications (ATC 2011)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ATC.2011.6027461\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 2011 International Conference on Advanced Technologies for Communications (ATC 2011)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ATC.2011.6027461","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

摘要

DDoS是一种最危险的攻击对象网络的方法，它使用大量的分布式代理使对象瘫痪。本文提出了一种基于“推回和通信”思想的DDoS防御方法(PaC方法)。当受害者网关检测到DDoS攻击时，需要侦听接口，定义DDoS报文来自的邻居。这些邻居将接收DDoS信息并执行与受害者网关相同的操作。通过重复这项工作，PaC可以找到DDoS数据包通过的确切方式。然后，所有路由器在向下一个邻居发送DDoS信息之前继续创建自己的过滤器。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Distributed defense of distributed DoS using pushback and communicate mechanism

DDoS is one of the most dangerous methods to attack victim network because it uses a vast quantity of distributed agents to make victim paralyze. This paper gives a DDoS defense method which is based on “pushback and communicate” idea (PaC method). When the gateway of victim detects DDoS attack, it has to listen on interfaces to define the neighbors from which DDoS packets come. Those neighbors will receive DDoS information and do same things the victim's gateway does. By repeating that work, PaC can find the exact way DDoS packets had passed through. All routers then continue creating their own filters before sending DDoS information to their next neighbors.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

The 2011 International Conference on Advanced Technologies for Communications (ATC 2011)

自引率

0.00%

发文量