High-speed router filter for blocking TCP flooding under DDoS attack

Yoohwan Kim, Ju Yeon Jo, H. Jonathan Chao, Frank Merat

Research output: Contribution to conferencePaperpeer-review

Abstract

We present a hardware solution that can reliably block most of the malicious TCP traffic at the edge routers while passing the legitimate TCP traffic during the Distributed Denial-of-Service (DDoS) attack. By allocating bandwidths separately for TCP, and TCP portion of the bandwidth can be protected. In simulation study, the filter successfully blocked 99.9% of the attack traffic while legitimate traffic showed nearly identical performance as in the non-attacked condition. This filtering is transparent to the hosts or routers and a filtering device can be easily attached to router ports.

Original languageEnglish (US)
Pages183-190
Number of pages8
StatePublished - 2003
Event22nd IEEE International Performance, Computing, and Communications Conference - Phoenix, AZ, United States
Duration: Apr 9 2003Apr 11 2003

Other

Other22nd IEEE International Performance, Computing, and Communications Conference
Country/TerritoryUnited States
CityPhoenix, AZ
Period4/9/034/11/03

ASJC Scopus subject areas

  • Media Technology

Fingerprint

Dive into the research topics of 'High-speed router filter for blocking TCP flooding under DDoS attack'. Together they form a unique fingerprint.

Cite this