Tradeoffs of DDoS Solutions
Distributed denial of service (DDoS) has become a serious threat to the Internet. Many schemes against DDoS attacks have been proposed, including Ingress/Egress filtering, IP traceback, authentication, and so on. This paper focuses on tradeoffs of DDoS solutions. Three tradeoffs are considered, the first one is space, complexity, efficiency and robustness tradeoffs of these packet marking schemes; the second one is marking probability of node sampling scheme,the third one is timeout period of server for three-hand-shaking. Two schemes are suggested, one is combining node append scheme with node sampling scheme, the other is setting SYN timeout dynamically.Proper tradeoffs can be made using these schemes.
DDoS IP traceback tradeoff
Min Fan Zhang Jun-yan Li Wan-pei Yang Guo-wei
College of Computer Science and Engineering University of Electronic Science and Technology of China, Chengdu 610054, China
国际会议
成都
英文
198-200
2003-08-27(万方平台首次上网日期,不代表论文的发表时间)