Integrated Notification Architecture Based on Overlay Against DDoS Attacks on Convergence Network

The distributed denial of service (DDoS) attack that is one of the most threatening attacks in the wired network has been already extended in the wireless mobile network, owing to the appearance of DDoS attack tool against mobile phone. In the future, the latent threats for the converged form of DDoS attack should be resolved for the induction of successful convergence network. However, because of the current problems in defending against converged DDoS attacks on convergence network, such as the absence of a converged defense, research on cooperation architecture between defense processes is critical. In this paper, we analyze possible converged attacks, thus we propose a scalable and dynamic notification architecture based on overlay routing against DDoS attacks in consideration of the capacity of each node. A main feature of this architecture is the speedy notification of attack detection to each highest defense system in the network of the attack agents as well as in the victims. Thus it makes it possible not only to fast defense at the network of victims but also to identify attack agents. We analyzed the overhead for constructing our hierarchical overlay, simulated the transmission rate and speed of detection notification, and found a marked improvement using our defense compared to general routes.