Abstract
Denial of Service (DoS) attacks are one of the major threats to the security of networks and online servers. Active Queue Management (AQM) is an effective mechanism to prevent DoS attacks at edge routers. However, some DoS flows may have low bit rates, as they do not consume more than a fair share to avoid being detected by an AQM. AQM schemes also fall short of detecting DoS attacks conducted through IP spoofing. This paper proposes a novel AQM scheme, called Deterministic DoS Prevention (DDP) to avoid low-rate DoS attacks on infrastructure and application levels, attacks caused by unresponsive or responsive flows using IP spoofing, and the attacks having high bit rates. The performance of DDP is evaluated in comparison with an eminent AQM based DoS prevention scheme. Simulation results demonstrate the effectiveness of DDP in effectively detecting IP spoofing and filtering malicious flows that orchestrate high-rate and low-rate DoS attacks.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
