Advertisement
Published in:
2006 | OriginalPaper | Chapter
RCS: A Distributed Mechanism Against Link Flooding DDoS Attacks
Authors : Yong Cui, Lingjian Song, Ke Xu
Published in: Information Networking. Advances in Data Communications and Wireless Networks
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
DoS/DDoS attacks especially the Link Flooding have exerted severe threat on Internet. In this paper we propose a novel mechanism called Rate Control System (RCS) against Link Flooding based on the correlation analysis of upper link flows. According to the feature of aggregate in DDoS attack, RCS takes DDoS attack problem as a way of flow control to simplify the situation and deploys the flow controller at the routers near the victims. As the key point of our mechanism, an algorithm is designed to differentiate the malicious packets and the normal ones and we classify the packets according to TCP flags in order to tell different flows apart. In addition we detect the malicious aggregate using correlation analysis to make clear the type and the location of the attack. Simulation results demonstrate the performance for detecting the Link Flooding DDoS attacks.