Mitigating DDoS attacks with cluster-based filtering
نویسنده
چکیده
منابع مشابه
NetBouncer: Client-legitimacy-based High-performance DDoS Filtering
We describe "NetBouncer", an approach and set of technologies for providing practical and highperformance defenses against distributed denial-ofservice (DDoS) attacks. The central innovation in the NetBouncer approach to filtering and mitigating DDoS attacks is the ability to distinguish legitimate traffic from illegitimate ones so as to enable the discarding of only illegitimate traffic. In pa...
متن کاملMitigating Flooding-Based DDoS Attacks by Stochastic Fairness Queueing
Flooding-based DDoS attacks is a very common way to attack a victim machine by directly or indirectly sending a large amount of malicious traffic to it. Stochastic Fairness Queueing (SFQ) is a typical implementation of Fair Queueing. This paper focuses on exploring the feasibility of mitigating flooding-based DDoS attacks by queueing disciplines. A comparative study is made between SFQ and FCFS...
متن کاملCluB : A Cluster Based Proactive Method for Mitigating Distributed Denial of Service Attacks
Distributed Denial of Service (DDoS) attacks are threats not only for the direct targets but also for the core of the network. They are also hard to detect in advance, hence methods to deal with them need to be proactive. By building on earlier work and improving on distribution of control aspects, we propose a proactive method, which is called CluB, to mitigate DDoS attacks; the method balance...
متن کاملSimulation-Based Study of Distributed Denial of Service Attacks Counteract in the Cloud Services
Network availability is threatened by the traditional Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. The risk is much increased with the emergence of the new computing paradigm of cloud computing. In this era, DDoS attacks can threaten the cloud sustainability by hitting its pricing model exploiting the cloud scalability feature. Therefore, a new phenomenon is emerged...
متن کاملDon’t Talk to Zombies: Mitigating DDoS Attacks via Attestation
Distributed Denial-of-Service (DDoS) attacks typically originate from exploited endhosts controlled by a remote attacker. Current network-based DDoS defenses can only filter out malicious traffic based on the traffic’s inherent properties; they cannot filter based on properties of the endhost that generated the traffic. We observe that the identity of the code that has generated a packet offers...
متن کامل