DDoS Defense Algorithm Based on Multi-Segment Timeout Technology

Through the analysis to the DDoS(distributed denial of service) attack, it will conclude that at different time segments, the arrive rate of normal SYN (Synchronization) package are similar, while the abnormal packages are different with the normal ones. Toward this situation a DDoS defense algorith...

Full description

Saved in:
Bibliographic Details
Published inWuhan University journal of natural sciences Vol. 11; no. 6; pp. 1823 - 1826
Main Authors Ruizhong, Du, Xiaohui, Yang, Xiaoxue, Ma, Xinfeng, He
Format Journal Article
LanguageEnglish
Published Institute of Network Technology, Hebei University, Baoding 071002, Hebei, China 01.11.2006
Subjects
DDoS
净流量分析
动态防御
网络安全
dynamic defense
DDoS(distributed denial of service)
multi-segments timeout
net flow analysis
Online AccessGet full text

Cover

More Information
Summary:Through the analysis to the DDoS(distributed denial of service) attack, it will conclude that at different time segments, the arrive rate of normal SYN (Synchronization) package are similar, while the abnormal packages are different with the normal ones. Toward this situation a DDoS defense algorithm based on multi-segment timeout technology is presented, more than one timeout segment are set to control the net flow. Experiment results show that in the case of little flow, multi-segment timeout has the ability dynamic defense, so the system performance is improved and the system has high response rate.
Bibliography:multi-segments timeout
DDoS(distributed denial of service); multi-segments timeout; dynamic defense; net flow analysis
TP393
dynamic defense
DDoS(distributed denial of service)
net flow analysis
42-1405/N
SourceType-Scholarly Journals-2
ObjectType-Feature-2
ObjectType-Conference Paper-1
content type line 23
SourceType-Conference Papers & Proceedings-1
ObjectType-Article-3
ISSN:1007-1202
1993-4998
DOI:10.1007/BF02831884