A DDoS attack defending scheme based on network processor

被引:0
|
作者
Li Xinlei [1 ]
Zheng Kangfeng [1 ]
Yang Yixian [1 ]
机构
[1] Beijing Univ Posts & Telecommun, State Key Lab Networking & Switching Technol, Informat Secur Ctr, Beijing 100876, Peoples R China
来源
2009 WASE INTERNATIONAL CONFERENCE ON INFORMATION ENGINEERING, ICIE 2009, VOL II | 2009年
关键词
distributed denial of service attacks; QoS; network processor; defending;
D O I
10.1109/ICIE.2009.107
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
The distributed denial of service attacks have become more and more frequent and caused some fatal problems. Many researches have been done to detect and defend such attacks, however, many solutions are still in the phase of theoretical studies. Some of them may have certain practical value, but they have to reconstruct the existing network and the routing instruments with great cost. This paper proposes a DDoS attack defending scheme based on network processor. The scheme takes advantage of network processor's powerful process ability to divide the network flow into different types firstly, and then uses a QoS mechanism to ensure essential communications as well as to eliminate the attack flow to the greatest extent. Experiment results show that the scheme can provide enough bandwidth for high priority flow, and effectively weaken the attack flow.
引用
收藏
页码:238 / 241
页数:4
相关论文
共 50 条
  • [31] A novel defense scheme against DDOS attack in VANET
    2013, IEEE Computer Society
  • [32] A novel distributed detection scheme against DDoS attack
    Zhou, Zaihong
    Xie, Dongqing
    Xiong, Wei
    Journal of Networks, 2009, 4 (09) : 921 - 928
  • [33] Defending Dos/DDOS attacks using network new technology
    Lu, N
    Chen, HX
    Xiao, J
    ICCC2004: Proceedings of the 16th International Conference on Computer Communication Vol 1and 2, 2004, : 1612 - 1617
  • [34] Dynamic Model on DDoS Attack in Computer Network
    Kumar, Upendra
    Pandey, Samir Kumar
    PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON INFORMATICS AND ANALYTICS (ICIA' 16), 2016,
  • [35] Study on realization scheme of firewall based on network processor
    Su, Wei
    Zhang, Hong-Ke
    Beifang Jiaotong Daxue Xuebao/Journal of Northern Jiaotong University, 2002, 26 (03):
  • [36] A DDoS Attack Mitigation Scheme in ISP Networks Using Machine Learning Based on SDN
    Nguyen Ngoc Tuan
    Pham Huy Hung
    Nguyen Danh Nghia
    Nguyen Van Tho
    Trung Van Phan
    Nguyen Huu Thanh
    ELECTRONICS, 2020, 9 (03)
  • [37] A P2P-based Distributed Detection Scheme Against DDoS Attack
    Zhou, Zaihong
    Xie, Dongqing
    Xiong, Wei
    PROCEEDINGS OF THE FIRST INTERNATIONAL WORKSHOP ON EDUCATION TECHNOLOGY AND COMPUTER SCIENCE, VOL II, 2009, : 304 - +
  • [38] DDoS Attack Detection Method for Space-Based Network Based on SDN Architecture
    JIA Min
    SHU Yuejie
    GUO Qing
    GAO Zihe
    XIE Suofei
    ZTE Communications, 2020, 18 (04) : 18 - 25
  • [39] A Feature Analysis Based Identifying Scheme Using GBDT for DDoS with Multiple Attack Vectors
    Zhang, Jian
    Liang, Qidi
    Jiang, Rui
    Li, Xi
    APPLIED SCIENCES-BASEL, 2019, 9 (21):
  • [40] Adaptive space-code bloom filter based traceback scheme for DDoS attack
    School of Computer and Communications, Hunan University, Changsha, China
    不详
    J. Comput. Inf. Syst., 6 (1817-1825):
12345