2006 | OriginalPaper | Chapter
Inter-domain Security Management to Protect Legitimate User Access from DDoS Attacks
Authors : Sung Ki Kim, Byoung Joon Min
Published in: Computational Science and Its Applications - ICCSA 2006
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
In this paper, we propose a cooperative inter-domain security mana- gement to protect access of legitimate users from the DDoS attacks exploiting randomly spoofed source IP addresses. We assume that Internet is divided into multiple domains and there exists one or more domain security manager in each domain, which is responsible for identifying hosts within the domain. The security management cooperation is achieved in two steps. First, a domain security manager forwards information regarding identified suspicious attack flows to neighboring managers. Secondly, the domain security manager verifies the attack upon receiving return messages from the neighboring managers. The management method proposed in this paper is designed not only to prevent network resources from being exhausted by the attacks but also to increase the possibility that legitimate users can fairly access the target services. Through the experiment on a test-bed, the proposed method was verified to be able to maintain high detection accuracy and to enhance the normal packet survival rate.