By Topic

High-speed router filter for blocking TCP flooding under DDoS attack

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Yoohwan Kim ; Electr. Eng. & Comput. Sci. Dept, Case Western Reserve Univ., Cleveland, OH, USA ; Ju-Yeon Jo ; H. J. Chao ; F. Merat

We present a hardware solution that can reliably block most of the malicious TCP traffic at the edge routers while passing the legitimate TCP traffic during a distributed denial-of-service (DDoS) attack on the Internet. By allocating bandwidths separately for TCP, the TCP portion of the bandwidth can be protected. In a simulation study, the filter successfully blocked 99.9% of the attack traffic while legitimate traffic showed nearly identical performance as in the non-attacked condition. This filtering is transparent to the hosts or routers and a filtering device can be easily attached to router ports.

Published in:

Performance, Computing, and Communications Conference, 2003. Conference Proceedings of the 2003 IEEE International

Date of Conference:

9-11 April 2003