Skip to Main Content
Because DDoS attacks destination servers from computers distributed all over network, it is very hard to locate attacking sources and resist DDoS. In this paper, a new defending mechanism based on registration and authentication against DDoS is proposed. By bidirectional warning messages, it can help locate attacking sources quickly and resist DDoS more exactly. According to the mechanism, all servers and routers applying for protecting from DDoS are required to register firstly, so that they can translate warning messages encrypted in public-key algorithm to prevent from spoofing. A flexible defending can be achieved by distributing filtering features and policies dynamically.