Deakin University
Browse

File(s) under permanent embargo

Distributed defense against distributed denial-of-service attacks

journal contribution
posted on 2005-01-01, 00:00 authored by W Shi, Yang Xiang, Wanlei Zhou
Distributed defense is a promising way to neutralize the distributed Denial-of-Service attacks by detecting and responding the attacking sources widespread around the Internet. Components of the distributed defense system will cooperate with each other to combat the attacks. Compared with the centralized defense systems, distributed defense systems can discover the attacks more timely from both source end and victim end, fight the attacks with more resources and take advantage of more flexible strategies. This paper investigates 7 distributed defense systems which make use of various strategies to mitigate the DDoS attacks. Different architectures are designed in these 7 systems to provide distributed DDoS defense solutions. We evaluate these systems in terms of deployment, detection, response, security, robustness and implementation. For each criteria, we give a recommendation on which technologies are best suitable for a successful distributed defense system based on the analysis result. Finally we propose our idea on the design of an effective distributed defense system.

History

Journal

Lecture notes in computer science

Volume

3719

Pagination

357 - 362

Publisher

Springer-Verlag

Location

Berlin, Germany

ISSN

0302-9743

eISSN

1611-3349

Language

eng

Publication classification

C1 Refereed article in a scholarly journal

Copyright notice

2005, Springer

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC