DDoS attack defense architecture using active network technology

Choong Seon Hong, Yoshiaki Kasahara, Dea Hwan Lee

Research output: Contribution to journalArticle

Abstract

To solve the congestion problem, network nodes at near the zombies need to filter the attack traffic. But the amounts of attack packets are small at upstream node and it is hard to detect an occurrence of an attack. In this case, the network node near the protected site should perform attack detection. Our proposed system uses active network technology and allowing detecting attack at active router near protected server. This detecting process uses dynamic, adaptive detecting algorithm. Elementary classification will reduce network congestion and adaptive classification will reduce error detecting rate. Signatures which are created by these two classifications are transferred to other active routers. And then they perform filtering process based on signatures.

Original languageEnglish
Pages (from-to)915-923
Number of pages9
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3043
Publication statusPublished - Dec 1 2004

Fingerprint

DDoS
Active networks
Attack
Routers
Router
Congestion
Adaptive algorithms
Signature
Vertex of a graph
Servers
Adaptive Algorithm
Error Rate
Server
Filtering
Architecture
Traffic
Filter

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

@article{c35dd90ac6c347e180dee5ed75e1c59e,
title = "DDoS attack defense architecture using active network technology",
abstract = "To solve the congestion problem, network nodes at near the zombies need to filter the attack traffic. But the amounts of attack packets are small at upstream node and it is hard to detect an occurrence of an attack. In this case, the network node near the protected site should perform attack detection. Our proposed system uses active network technology and allowing detecting attack at active router near protected server. This detecting process uses dynamic, adaptive detecting algorithm. Elementary classification will reduce network congestion and adaptive classification will reduce error detecting rate. Signatures which are created by these two classifications are transferred to other active routers. And then they perform filtering process based on signatures.",
author = "Hong, {Choong Seon} and Yoshiaki Kasahara and Lee, {Dea Hwan}",
year = "2004",
month = "12",
day = "1",
language = "English",
volume = "3043",
pages = "915--923",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",
publisher = "Springer Verlag",

}

TY - JOUR

T1 - DDoS attack defense architecture using active network technology

AU - Hong, Choong Seon

AU - Kasahara, Yoshiaki

AU - Lee, Dea Hwan

PY - 2004/12/1

Y1 - 2004/12/1

N2 - To solve the congestion problem, network nodes at near the zombies need to filter the attack traffic. But the amounts of attack packets are small at upstream node and it is hard to detect an occurrence of an attack. In this case, the network node near the protected site should perform attack detection. Our proposed system uses active network technology and allowing detecting attack at active router near protected server. This detecting process uses dynamic, adaptive detecting algorithm. Elementary classification will reduce network congestion and adaptive classification will reduce error detecting rate. Signatures which are created by these two classifications are transferred to other active routers. And then they perform filtering process based on signatures.

AB - To solve the congestion problem, network nodes at near the zombies need to filter the attack traffic. But the amounts of attack packets are small at upstream node and it is hard to detect an occurrence of an attack. In this case, the network node near the protected site should perform attack detection. Our proposed system uses active network technology and allowing detecting attack at active router near protected server. This detecting process uses dynamic, adaptive detecting algorithm. Elementary classification will reduce network congestion and adaptive classification will reduce error detecting rate. Signatures which are created by these two classifications are transferred to other active routers. And then they perform filtering process based on signatures.

UR - http://www.scopus.com/inward/record.url?scp=35048860449&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=35048860449&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:35048860449

VL - 3043

SP - 915

EP - 923

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

ER -