Differentiating malicious DDoS attack traffic from normal TCP flows by proactive tests

Zhiqiang Gao, Nirwan Ansari

Research output: Contribution to journalArticlepeer-review

24 Scopus citations

Abstract

To defend against distributed denial of service (DDoS) attacks, one critical issue is to effectively isolate the attack traffic from the normal ones. A novel DDoS defense scheme based on TCP is hereby contrived because TCP is the dominant traffic for both the normal and lethal flows in the Internet. Unlike most of the previous DDoS defense schemes that are passive in nature, the proposal uses proactive tests to identify and isolate the malicious traffic. Simulation results validate the effectiveness of our proposed scheme.

Original languageEnglish (US)
Pages (from-to)793-795
Number of pages3
JournalIEEE Communications Letters
Volume10
Issue number11
DOIs
StatePublished - Nov 2006

All Science Journal Classification (ASJC) codes

  • Modeling and Simulation
  • Computer Science Applications
  • Electrical and Electronic Engineering

Keywords

  • DDoS defense
  • Proactive test
  • TCP

Fingerprint

Dive into the research topics of 'Differentiating malicious DDoS attack traffic from normal TCP flows by proactive tests'. Together they form a unique fingerprint.

Cite this