Abstract

This work combines two existing defenses against distributed denial-of-service (DDoS) attacks - DefCOM and speak-up - resulting in a synergistic improvement. DefCOM defense organizes existing source-end, victim-end and core defenses into a collaborative overlay to filter DDoS floods. Source networks that do not participate in DefCOM often receive poor service and their traffic is severely rate-limited. This is because core nodes in DefCOM that perform filtering lack cheap algorithms to differentiate legitimate from attack traffic at line speed - they must conservatively assume all high-rate traffic from legacy networks to be attack. Thus, in its attempt to mitigate DDoS, DefCOM ends up denying service during attacks to legitimate hosts that reside in legacy networks. Speak-up is a recently proposed defense, which invites all clients of the DDoS victim to send additional payment traffic, with the assumption that attack …

Date

May 19, 2008

Authors

Mohit Mehta, Kanika Thapar, George Oikonomou, Jelena Mirkovic

Conference

2008 IEEE International Conference on Communications

Pages

1708-1714

Publisher

IEEE