Indian Journal of Science and Technology
DOI: 10.17485/ijst/2015/v8i36/90557
Year: 2015, Volume: 8, Issue: 36, Pages: 1-6
Original Article
Vladimir Krylov*, Kirill Kravtsov and Eleanora Sokolova
Nizhny Novgorod State Technical University Named after RE Alekseev, Nizhny Novgorod, Russian Federation;
[email protected], [email protected], [email protected]
Background/Objectives: This paper suggests a new approach against Distributed Denial of Service attacks and traffic eavesdropping in TCP/IP networks. Methods/Statistical Analysis: In our method, DDoS resistance is achieved by introducing a new address policy in IP networks. This policy hides physical location of protected server for all unauthorized clients by dynamic mapping of server’s address on a large set of temporary addresses. This paper provides detailed description of the method and its mathematical model. Findings: The authors discuss basic implementation, its major practical constraints and results of initial validation. The proposed method is compatible with Software Defined Network and we discuss major possible advantages of IP Fast Hopping application in SDN. Applications/Improvements: The demonstrated technique suggests new addressing policy that based on randomizing of server’s address. This new addressing policy does not require any global significant changes in the existing Internet architecture and can be implemented as software solution on client and server ends without impact on transit infrastructure.
Keywords: DDoS, IP Fast Hopping, Network Security, SDN, Traffic Intrusion
Subscribe now for latest articles and news.