sShield: small DDoS defense system using RIP-based traffic deflection in autonomous system |
| |
Authors: | Ho-Seok Kang Sung-Ryul Kim |
| |
Affiliation: | 1. Division of Internet and Multimedia Engineering, Konkuk University, Seoul, Republic of Korea
|
| |
Abstract: | DDoS (distributed denial of service) attacks have gradually increased and have become more sophisticated. There have been several methods for defending against these attacks. However, because the types and scales of DDoS attacks have been diversified, it has become important to defend against DDoS attacks not only in main networks, but also in small scale networks such as AS (autonomous system). We have designed a DDoS defense system working inside AS without either changing the network structure or modifying the router. For this purpose, we have applied the Shield mechanism, which deals with the location problem in DDoS defense, and utilizes the routing updates protocol called RIP (routing information protocol), a representative protocol of IGP (interior gateway protocol). Moreover, we have also conducted experiments by using simulations to find the optimal number and locations of deployed systems. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|