Eliminating D-Dos Attack Using Packet Score Scheme
Second National Conference on Signal Processing, Communications and VLSI Design (NCSCV ’10), Anna University, 2010
Posted: 20 Oct 2013
Date Written: May 07, 2010
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. This paper introduces a DDoS defense scheme that supports automated online attack characterizations and accurate attack packet discarding based on statistical processing. The key idea is to prioritize a packet based on a score which estimates its legitimacy given the attribute values it carries. Once the score of a packet is computed, this scheme performs score-based selective packet discarding where the dropping threshold is dynamically adjusted based on the score distribution of recent incoming packets and the current level of system overload. This paper describes the design and evaluation of automated attack characterizations, selective packet discarding, and an overload control process. Special considerations are made to ensure that the scheme is amenable to high-speed hardware implementation through scorebook generation and pipeline processing. A simulation study indicates that Packet Score is very effective in blocking several different attack types under many different conditions.
Keywords: Conditional Legitimate Probability (CLP), Cumulative Distribution Function (CDF), Distributed Denial-of- Service (DDoS), User Datagram Protocol (UDP)omponent
Suggested Citation: Suggested Citation