Detecting and Preventing IP-Spoofed Distributed DoS Attacks

Provided by: University of Otago
Topic: Security
Format: PDF
In this paper, the authors explore mechanisms for defending against Distributed Denial of Service (DDoS) attacks; have become one of the major threats to the operation of the internet today. They propose a novel scheme for detecting and preventing the most harmful and difficult to detect DDoS attacks - those that use IP address spoofing to disguise the attack flow. Their scheme is based on a firewall that can distinguish the attack packets (containing spoofed source addresses) from the packets sent by legitimate users, and thus filters out most of the attack packets before they reach the victim.

Find By Topic