A Rule-based Detection Mechanism against Distributed Denial of Service AttacksProceeding: Third International Conference on Digital Enterprise and Information Systems (DEIS2015)
Publication Date: 2015-04-16
Authors : Chin-Ling Chen; Hsin-Chiao Chen;
Page : 38-45
Keywords : Distributed Denial of Service; Firewall; Detection;
We have designed a novel flow detection that is a software module on a router/server that inspects the aggregate of arrival packets in a timely manner. The flow detection has established an application monitoring distributed denial of service (DDoS) attacks. We adopt TFN2K (Tribe Flood, the Net 2K) as an attack traffic generator and monitor the system resource of the victim target like CPU utilization, memory usage, consumed by attack traffic. The types of attack traffic have been analyzed and by that we develop a defense scheme. The experiment has demonstrated that the proposed scheme can effectively prevent the attack traffic with coordinating the firewall.
Other Latest Articles
Last modified: 2015-04-18 14:15:04