Abstract
We present a hardware solution that can reliably block most of the malicious TCP traffic at the edge routers while passing the legitimate TCP traffic during the Distributed Denial-of-Service (DDoS) attack. By allocating bandwidths separately for TCP, and TCP portion of the bandwidth can be protected. In simulation study, the filter successfully blocked 99.9% of the attack traffic while legitimate traffic showed nearly identical performance as in the non-attacked condition. This filtering is transparent to the hosts or routers and a filtering device can be easily attached to router ports.
Original language | English (US) |
---|---|
Pages | 183-190 |
Number of pages | 8 |
State | Published - 2003 |
Event | 22nd IEEE International Performance, Computing, and Communications Conference - Phoenix, AZ, United States Duration: Apr 9 2003 → Apr 11 2003 |
Other
Other | 22nd IEEE International Performance, Computing, and Communications Conference |
---|---|
Country/Territory | United States |
City | Phoenix, AZ |
Period | 4/9/03 → 4/11/03 |
ASJC Scopus subject areas
- Media Technology