BROWSE
Detail
Journal Article
A Service-Oriented DDoS Detection Mechanism Using Pseudo State in a Flow Router
Cited 1 time in 
Share 
Share
- Authors
- PyungKoo Park, SeongMin Yoo, HoYong Ryu, Jaehyung Park, Cheol Hong Kim, Su-il Choi, JaeCheol Ryou
- Issue Date
- 2014-08
- Citation
- Multimedia Tools and Applications, v.74, no.16, pp.6341-6363
- ISSN
- 1380-7501
- Publisher
- Springer
- Language
- English
- Type
- Journal Article
- Abstract
- As distributed denial-of-service (DDoS) attacks have caused serious economic and social problems, there have been numerous researches to defend against them. The current DDoS defense system relies on a dedicated security device, which is located in front of the server it is required to protect. To detect DDoS attacks, this security device compares incoming traffic to known attack patterns. Since such a defense mechanism cannot prevent an influx of attack traffic into the network, and every packet must be compared against the known attack patterns, the mechanism often degrades the service. In this paper, we propose the Service-oriented DDoS Detection Mechanism using a Pseudo State (SDM-P), which runs on network devices to defend against DDoS attacks without sacrificing performance in terms of data forwarding. The SDM-P mechanism is suitable for both low- and high-rate attacks. In addition, we verified the performance of the SDM-P mechanism by evaluating its performance using a DDoS attack similar to the one that occurred in Korea and the USA on July 7th, 2009.
- KSP Keywords
- DDoS Detection, DDoS attacks, DDoS defense, Data Forwarding, Defense Mechanism, Defense system, Distributed denial-of-service(DDoS), Flow Router, High rate, Network devices, Social problems