In this paper, the characteristics of Client/Server interaction behaviors under normal web access and typical DoS/DDoS attack are analyzed. A simple local rate-limiting method called Behavior-based Ingress Rate-limiting (BIR) mechanism is proposed, by which the client-end host’s inbound and outbound traffics are monitored. Bursts of the traffics are suppressed by a local transmission delay mechanism. The principle and implementation are described. Simulations are performed to validate its efficacy. Finally, the approach’s potential and limitations are also discussed.
Weitere Kapitel dieses Buchs durch Wischen aufrufen
- A Behavior-Based Ingress Rate-Limiting Mechanism Against DoS/DDoS Attacks
- Springer Berlin Heidelberg
Neuer Inhalt/© ITandMEDIA