Abstract
In this paper, DDoS attack traceback and mitigation system (DATMS) is proposed to trace the DDoS attack sources based on network performance monitoring. By monitoring packet loss rate and packet arrival rate, the routers can be traced as near as attack sources on victim flows, called approximate attack entry nodes (AENs), can be traced as near as attack sources. DATMS adopts on-line analysis instead of post-mortem analysis to reduce the trace time. In addition, the packet filter controller which adapts to queue length is proposed to mitigate the DDoS attacks. Since it is extremely difficult to distinguish attack flows and victim flows on core routers, the proposed packet filter is very simple and has lower overhead. Finally, the experimental results from NS-2 simulations show that the DDoS attacks are effectively mitigated by DATMS.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
