Response to Distributed Denial-of-Service Attack using Active Technology

H.J. Kim, J.C. Na, and S.W. Sohn (Korea)

Keywords

Response, DDoS, traceback, isolating, removing, and recovery

Abstract

Distributed Denial of Service (DDoS) attacks are performed from multiple attack servers that an attacker controls remotely. These attacks typically exhaust bandwidth, router processing capacity, or network stack resources, so they can have an extremely large impact on a network or Web site. Research on DDoS response mechanisms is therefore gradually increasing, but it remains very limited. Existing mechanisms only check network hosts for vulnerabilities to prevent the installation of DDoS agent programs or, if a DDoS attack occurs, find the agent program, block the packets from it, and then remove it and recover the hosts. Accordingly, in this paper we propose a DDoS response mechanism that not only removes DDoS agent programs but also isolates only the real attacker from the network by tracing the location of the master programs and the real attacker.
