Abstract
We propose modifications to the automated model to counteract TCP SYN Distributed Denial of Service (DDoS) attacks nearest to the attacking source and also discuss the prototype implementation of our technique. It should be noted that we are not solving the TCP SYN problem, but we are enabling the victim to differentiate between the traffic originating from good and bad network domains, trace the router that is nearest to attacking source with a single packet even if the source address of the packet is spoofed and prevent the attack traffic at the router which is nearest to the attacking source. Since our model is invoked only during attack times, it has very less overhead and the main advantage of this technique is that the victim can provide better service for traffic originating from good network domain and completely eliminate or provide limited service for the traffic originating from bad network domaia
| Original language | English |
|---|---|
| Title of host publication | GLOBECOM'04 - IEEE Global Telecommunications Conference |
| Editors | Soontorn Oraintara |
| Place of Publication | Piscataway, NJ |
| Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
| Pages | 2240-2244 |
| Number of pages | 5 |
| ISBN (Print) | 9780780387959, 9780780387942 |
| Publication status | Published - 2004 |
| Event | GLOBECOM'04 - IEEE Global Telecommunications Conference - Dallas, TX, United States Duration: 29 Nov 2004 → 3 Dec 2004 |
Other
| Other | GLOBECOM'04 - IEEE Global Telecommunications Conference |
|---|---|
| Country/Territory | United States |
| City | Dallas, TX |
| Period | 29/11/04 → 3/12/04 |