Rate Limiting with Network Monitor Approach to Counter DDoS Attacks in Distributed Computing Environments
In the mitigation of DDoS attacks, rate-limiting seems to be one of the viable strategies. On top of that, cooperative security management can help achieve higher effectiveness of DDoS defence mechanisms. Two rate-limiting DDoS mitigation mechanisms, the pushback mechanism and the level-k max-min mechanism are compared in this paper. A network monitor simulation model is also proposed and implemented. Using the survivability and delay metrics defined, simulation results showed that clear distinctions in router congestion levels can be identified during a DDoS attack, showing the potential of such a tool in gauging the effectiveness of DDoS defences, possibly in distributed computing environments.
Distributed Denial-of-Service (DDoS) attacks Rate-limiting Mechanisms Distributed System Architecture
Ong Ghim Hwee Koh Wee Kiat
School of Computing, National University of Singapore Republic of Singapore
国际会议
杭州
英文
89-94
2006-10-12(万方平台首次上网日期,不代表论文的发表时间)