Download now Free registration required
This work combines two existing defenses against Distributed Denial-of-Service (DDoS) attacks - DefCOM and Speak-up - resulting in a synergistic improvement. DefCOM defense organizes existing source-end, victim-end and core defenses into a collaborative overlay to filter DDoS floods. Source networks that do not participate in DefCOM often receive poor service and their traffic is severely rate-limited. This is because core nodes in DefCOM that perform filtering lack cheap algorithms to differentiate legitimate from attack traffic at line speed - they must conservatively assume all high-rate traffic from legacy networks to be attack. Thus, in its attempt to mitigate DDoS, DefCOM ends up denying service during attacks to legitimate hosts that reside in legacy networks.
- Format: PDF
- Size: 499.29 KB