@inproceedings{12208d2eab8545d9931468f447e279a7,
title = "A novel architecture for detecting and defending against flooding-based DDoS attacks",
abstract = "Flooding-based distributed denial-of-service (DDoS) attack presents a very serious threat to the stability of the Internet. In this paper, we propose a novel global defense architecture to protect the entire Internet from DDoS attacks. This architecture includes all the three parts of defense during the DDoS attack: detection, filtering and traceback, and we use different agents distributed in routers or hosts to fulfill these tasks. The superiority of the architecture that makes it more effective includes: (i) the attack detection algorithm as well as attack filtering and traceback algorithm are both network traffic-based algorithms; (ii) our traceback algorithm itself also can mitigate the effects of the attacks. Our proposed scheme is implemented through simulations of detecting and defending SYN Flooding attack, which is an example of DDoS attack. The results show that such architecture is much effective because the performance of detection algorithm and traceback algorithm are both better.",
author = "Yi Shi and Xinyu Yang",
year = "2005",
doi = "10.1007/11596981\_54",
language = "英语",
isbn = "3540308199",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "364--374",
booktitle = "Computational Intelligence and Security - International Conference, CIS 2005, Proceedings",
note = "International Conference on Computational Intelligence and Security, CIS 2005 ; Conference date: 15-12-2005 Through 19-12-2005",
}