Detecting DDoS attacks by analyzing client response patterns

被引:0
作者
Soejima, Y
Chen, EY
Fuji, H
机构
来源
2005 SYMPOSIUM ON APPLICATIONS AND THE INTERNET WORKSHOPS, PROCEEDINGS | 2005年
关键词
D O I
10.1109/SAINTW.2005.1619987
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Distributed Denial of Service (DDoS) attacks is becoming a serious threat on the Internet. Not only network professionals but also end users are now aware of the attacks. Most of these attacks simply flood a massive amount of packets towards a target. In this paper, we propose to detect DDoS attacks by analyzing client response patterns after the reply packets from the server are intentionally delayed. While legitimate clients would react to such delay by decreasing their sending rates, malicious clients would simply keep on flooding the server. The effectiveness of this proposal is evaluated using our prototype.
引用
收藏
页码:98 / 101
页数:4
相关论文
共 6 条
  • [1] *CAPT NETW, CAPT TLIDS 6 2 WHIT
  • [2] Moore D., 2001, P 10 USENIX SEC S
  • [3] PARTRIDGE C, 1990, 1151 RFC BBN CORP
  • [4] REJAIE R, 1999, P IEEE INFOCOM 99
  • [5] Real-Time Internet Video Using Error Resilient Scalable Compression and TCP-Friendly Transport Protocol
    Tan, Wai-Tian
    Zakhor, Avideh
    [J]. IEEE TRANSACTIONS ON MULTIMEDIA, 1999, 1 (02) : 172 - 186
  • [6] Vicisano L, 1998, IEEE INFOCOM SER, P996, DOI 10.1109/INFCOM.1998.662909
1