Skip to Main Content
Denial of service (DoS) attacks represent, in today's Internet, one of the most complex issues to address. A session is under a DoS attack if it cannot achieve its intended throughput due to the misbehavior of other sessions. Many research studies dealt with DoS, proposing models and/or architectures mostly based on an attack prevention approach. Prevention techniques lead to different models, each suitable for a single type of misbehavior, but do not guarantee the protection of a system from a more general DoS attack. We analyze the fundamental requirements to be satisfied in order to protect hosts and routers from any form of distributed DoS (DDoS). Then we propose a network signaling protocol, named active security protocol(ASP), which satisfies most of the defined requirements. ASP provides an active protection from a DDoS attack, being able to adapt its defense strategies to the current type of violation. Protocol specification and design are performed using an object oriented methodology: we used Unified Modeling Language (UML) as a software description language.