Skip to Main Content
DDoS flows that do not cut down their sending rates after their packets are dropped will hog the buffer space at routers and deprive all other flows of their fair share of bandwidth. Based on the network behavior, this paper studies the defense mechanism of DDoS from the aspect of congestion control. And in the simulation environment of DDoS, this paper studies the RED (random early detection) algorithm that is a congestion control strategy based on routers. Simulation results show that RED provides little protection from high bandwidth flows that take much wide bandwidth, which can result in extreme unfairness among per-flow. Based on the viewpoint, we put forward further improvement for the mechanism of congestion control based on routers.