Abstract
traceback. Abstract. An overlay network based traceback scheme against DDoS attacks is proposed in this paper. A CAT server is set in each ISP domain, and receives the alert packets from routers in the domain. According to the alert packets, the intra-domain attack tree is constructed. An alert will be sent to the victim once an intra-domain attack tree is formed. The inter-domain attack tree is constructed at the CAT server of the victim end according to the received alert packets from upstream domains. The traceback request is sent to each CAT server of the inter-domain attack tree once the DDoS attacks are detected. Having received the request, the CAT server will find the attack source along the intra-domain attack tree, and take measures to stop DDoS attacks. The proposed scheme implements two-phase traceback of DDoS attacks effectively and fast.
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call