상세정보
학술지
A Collaborative Defense Mechanism against DDoS Attacks for Network Service Continuity
Cited - time in 
Download 3 time
Share 
Download 3 time
Share
- 발행일
- 201507
- 출처
- Asia Life Sciences, v.2015 no.Suppl. 11, pp.1-15
- ISSN
- 0117-3375
- 출판사
- SERSC
- 협약과제
- 14MI2700, Non-stop Active Routing을 지원하는 고가용성 네트워크 운영체제 기술개발, 류호용
- 초록
- As distributed denial-of-service (DDoS) attacks have caused serious economic and social problems, there have been numerous researches to defend against them. The current DDoS defense system relies on a dedicated security device, which is located in front of the server it is required to protect. To detect DDoS attacks, this security device compares incoming traffic to known attack patterns. Since such a defense mechanism cannot prevent an influx of attack traffic into the network, and every packet must be compared against the known attack patterns, the mechanism often degrades the service. In this paper, we propose the Service-oriented DDoS Detection Mechanism using a Pseudo State (SDM-P), which runs on network devices to defend against DDoS attacks without sacrificing performance in terms of data forwarding. The SDM-P mechanism is suitable for both low- and high-rate attacks. In addition, we verified the performance of the SDM-P mechanism by evaluating its performance using a DDoS attack similar to the one that occurred in Korea and the USA on July 7th, 2009.
- KSP 제안 키워드
- DDoS Detection, DDoS attacks, DDoS defense, Data Forwarding, Defense Mechanism, Defense system, Distributed denial-of-service(DDoS), High rate, Network devices, Network service, Service continuity