An on-line DDoS attack traceback and mitigation system based on network performance monitoring

Wei Tsung Su, Tzu Chieh Lin, Chun Yi Wu, Jang Pong Hsu, Yau Hwang Kuo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

In this paper, DDoS Attack Traceback and Mitigation System (DATMS) is proposed to trace the DDoS attack sources based on network performance monitoring. By monitoring packet loss rate and packet arrival rate, the routers can be traced as near as attack sources on victim flows, called Approximate Attack Entry Nodes (AENs), can be traced as near as attack sources. DATMS adopts on-line analysis instead of post-mortem analysis to reduce the trace time. In addition, the packet filter controller which adapts to queue length is proposed to mitigate the DDoS attacks. Since it is extremely difficult to distinguish attack flows and victim flows on core routers, the proposed packet filter is very simple and has lower overhead. Finally, the experimental results from NS-2 simulations show that the DDoS attacks are effectively mitigated by DATMS.

Original languageEnglish
Title of host publication10th International Conference on Advanced Communication Technology, ICACT 2008 - Proceedings
Pages1467-1472
Number of pages6
DOIs
Publication statusPublished - 2008 May 29
Event2008 10th International Conference on Advanced Communication Technology - Phoenix Park, Korea, Republic of
Duration: 2008 Feb 172008 Feb 20

Publication series

NameInternational Conference on Advanced Communication Technology, ICACT
Volume2
ISSN (Print)1738-9445

Other

Other2008 10th International Conference on Advanced Communication Technology
CountryKorea, Republic of
CityPhoenix Park
Period08-02-1708-02-20

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'An on-line DDoS attack traceback and mitigation system based on network performance monitoring'. Together they form a unique fingerprint.

  • Cite this

    Su, W. T., Lin, T. C., Wu, C. Y., Hsu, J. P., & Kuo, Y. H. (2008). An on-line DDoS attack traceback and mitigation system based on network performance monitoring. In 10th International Conference on Advanced Communication Technology, ICACT 2008 - Proceedings (pp. 1467-1472). [4494041] (International Conference on Advanced Communication Technology, ICACT; Vol. 2). https://doi.org/10.1109/ICACT.2008.4494041