ETRI-Knowledge Sharing Plaform

ENGLISH

성과물

논문 검색
구분 SCI
연도 ~ 키워드

상세정보

학술대회 A Technique to Make a Path Table for Blocking Distributed Denial-of-Service Attacks
Cited 1 time in scopus Download 1 time Share share facebook twitter linkedin kakaostory
저자
은지숙, 정희영
발행일
201511
출처
International Conference on Future Generation Communication and Networking (FGCN) 2015, pp.13-16
DOI
https://dx.doi.org/10.1109/FGCN.2015.11
협약과제
15ZI1200, 고품격 미래인터넷을위한 식별자기반 네트워킹기술연구, 정희영
초록
Generally, there is a Distributed Denial-of-Service (DDoS) detection and defense mechanism in router near the victim host and packet filtering routines are initiated during the attack continues. By the way, it would be better an attack packet blocking mechanism is in router closed to the attacker for downsizing attack traffics in network. This paper presents attack route diagnosis, a technique that operates based on path table. Path table includes routes on a pair of routers identified by route identifier and a packet is delivered with route identifier. If attack is detected by victim, a router near the victim starts attack route diagnosis based on route identifier. This process blocks one attacker at router closed to attacker and which is also not dependent on the number of attacker because of parallel and independent processing. We verify a feasibility of proposed technique on Linux system implementation.
키워드
DDoS, Network-level security, Source blocking, Trace Back
KSP 제안 키워드
Blocking mechanism, Defense Mechanism, Detection and Defense, Distributed Denial of Service attacks, Distributed denial-of-service(DDoS), Linux system, Network-level security, Source blocking, Trace-back, denial of service(DoS), packet filtering