Abstract

A successful source-end DDoS (distributed denial-of-service) defense enables early suppression of the attack and minimizes collateral damage. However, such an approach faces many challenges: (a) distributing the attack hinders detection; (b) defense systems must guarantee good service to legitimate traffic during the attack; and (c) deployment costs and false alarm levels must be sufficiently small and effectiveness must be high to provide deployment incentive. We discuss each of the challenges and describe one successful design of a source-end DDoS defense system-the D-WARD system. D-WARD was implemented in a Linux router. We include experimental results to illustrate D-WARD's performance.

Date

April 18, 2003

Authors

Jelena Mirkovic, Gregory Prier, Peter Reiher

Conference

Second IEEE International Symposium on Network Computing and Applications, 2003. NCA 2003.

Pages

171-178

Publisher

IEEE