Date Added: May 2009
With the successful use of router technique, one consider to give routers additional function to defect and defend against LDOS. LDOS is a kind of miniature network attack which can affect TCP flows to zero or very low transmission bandwidth, just because it takes advantage of retransmission timeout of TCP. This sort of attack is difficult to identify due to its good cryptcity. The author appiciate the distributed detection mechanism, and one add a new fast detection function on it. One can accurately and fast find and locate the LDOS with it. Otherwise, one always try to remove the attack without complicated arithmetic or losing legal data. At the end of this paper, one will show the new way can break up the attack burst into parts.