A Service Architecture for Countering Distributed Denial of Service Attacks

We present AMP, a novel service architecture for countering distributed denial of service (dDos) attacks. AMP uses dynamically configured network components to perform traffic monitoring, filtering and detection of commonly known attacks. It does not require universal deployment and is complementary...

Full description

Saved in:
Bibliographic Details
Published in21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07) Vol. 1; pp. 36 - 42
Main Authors Zaffar, F., Kedem, G.
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.05.2007
Subjects
Communication system traffic control
Computer architecture
Computer crime
Counting circuits
Filtering
Floods
Internet
Large-scale systems
Throughput
Web server
Online AccessGet full text

Cover

More Information
Summary:We present AMP, a novel service architecture for countering distributed denial of service (dDos) attacks. AMP uses dynamically configured network components to perform traffic monitoring, filtering and detection of commonly known attacks. It does not require universal deployment and is complementary to other schemes for countering dDoS attacks, however with the use of collaborative policing techniques, the performance of the scheme can be improved greatly. In addition, it is economically viable, it can be offered as a service to the customers by service providers. We give a detailed design of our system which we implemented on our simulation test-bed. Performance evaluation of our system shows that using our scheme we were able to recover 83% of throughput lost during an attack.
ISBN:0769528473
9780769528472
DOI:10.1109/AINAW.2007.56