Computer Science – Networking and Internet Architecture
Scientific paper
2004-03-29
Updated version appears in Proc. USENIX Annual Technical Conference, April 2005
Computer Science
Networking and Internet Architecture
Description and evaluation of a filter management protocol that reactively protects public-access sites against DDoS attacks.
Scientific paper
A distributed denial-of-service (DDoS) attack can flood a victim site with malicious traffic, causing service disruption or even complete failure. Public-access sites like amazon or ebay are particularly vulnerable to such attacks, because they have no way of a priori blocking unauthorized traffic. We present Active Internet Traffic Filtering (AITF), a mechanism that protects public-access sites from highly distributed attacks by causing undesired traffic to be blocked as close as possible to its sources. We identify filters as a scarce resource and show that AITF protects a significant amount of the victim's bandwidth, while requiring from each participating router a number of filters that can be accommodated by today's routers. AITF is incrementally deployable, because it offers a substantial benefit even to the first sites that deploy it.
Argyraki Katerina J.
Cheriton David R.
No associations
LandOfFree
Protecting Public-Access Sites Against Distributed Denial-of-Service Attacks does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.
If you have personal experience with Protecting Public-Access Sites Against Distributed Denial-of-Service Attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Protecting Public-Access Sites Against Distributed Denial-of-Service Attacks will most certainly appreciate the feedback.
Profile ID: LFWR-SCP-O-240914