High-speed router filter for blocking TCP flooding under DDoS attack

Yoohwan Kim, Ju Yeon Jo, H. Jonathan Chao, Frank Merat

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We present a hardware solution that can reliably block most of the malicious TCP traffic at the edge routers while passing the legitimate TCP traffic during the Distributed Denial-of-Service (DDoS) attack. By allocating bandwidths separately for TCP, and TCP portion of the bandwidth can be protected. In simulation study, the filter successfully blocked 99.9% of the attack traffic while legitimate traffic showed nearly identical performance as in the non-attacked condition. This filtering is transparent to the hosts or routers and a filtering device can be easily attached to router ports.

Original language: English (US)
Title of host publication: IEEE International Performance, Computing and Communications Conference, Proceedings
Editors: A.D. George, E. Johnson, G.G. Richard III, G. Xue
Pages: 183-190
Number of pages: 8
State: Published - 2003
Event: 22nd IEEE International Performance, Computing, and Communications Conference - Phoenix, AZ, United States
Duration: Apr 9 2003 - Apr 11 2003

Other

Other: 22nd IEEE International Performance, Computing, and Communications Conference
Country: United States
City: Phoenix, AZ
Period: 4/9/03 - 4/11/03

Fingerprint

Routers
Bandwidth
Telecommunication traffic
Computer hardware
Denial-of-service attack

ASJC Scopus subject areas

  • Media Technology

Cite this

Kim, Y., Jo, J. Y., Chao, H. J., & Merat, F. (2003). High-speed router filter for blocking TCP flooding under DDoS attack. In A. D. George, E. Johnson, G. G. Richard III, & G. Xue (Eds.), IEEE International Performance, Computing and Communications Conference, Proceedings (pp. 183-190)

@inproceedings{c04eb3bfbe3b4338ad7b18b3e60c5ece,
title = "High-speed router filter for blocking TCP flooding under DDoS attack",
abstract = "We present a hardware solution that can reliably block most of the malicious TCP traffic at the edge routers while passing the legitimate TCP traffic during the Distributed Denial-of-Service (DDoS) attack. By allocating bandwidths separately for TCP, and TCP portion of the bandwidth can be protected. In simulation study, the filter successfully blocked 99.9{\%} of the attack traffic while legitimate traffic showed nearly identical performance as in the non-attacked condition. This filtering is transparent to the hosts or routers and a filtering device can be easily attached to router ports.",
author = "Yoohwan Kim and Jo, {Ju Yeon} and Chao, {H. Jonathan} and Frank Merat",
year = "2003",
language = "English (US)",
pages = "183--190",
editor = "A.D. George and E. Johnson and {Richard III}, G.G. and G. Xue",
booktitle = "IEEE International Performance, Computing and Communications Conference, Proceedings",

}

TY - GEN
T1 - High-speed router filter for blocking TCP flooding under DDoS attack
AU - Kim, Yoohwan
AU - Jo, Ju Yeon
AU - Chao, H. Jonathan
AU - Merat, Frank
PY - 2003
Y1 - 2003
N2 - We present a hardware solution that can reliably block most of the malicious TCP traffic at the edge routers while passing the legitimate TCP traffic during the Distributed Denial-of-Service (DDoS) attack. By allocating bandwidths separately for TCP, and TCP portion of the bandwidth can be protected. In simulation study, the filter successfully blocked 99.9% of the attack traffic while legitimate traffic showed nearly identical performance as in the non-attacked condition. This filtering is transparent to the hosts or routers and a filtering device can be easily attached to router ports.
AB - We present a hardware solution that can reliably block most of the malicious TCP traffic at the edge routers while passing the legitimate TCP traffic during the Distributed Denial-of-Service (DDoS) attack. By allocating bandwidths separately for TCP, and TCP portion of the bandwidth can be protected. In simulation study, the filter successfully blocked 99.9% of the attack traffic while legitimate traffic showed nearly identical performance as in the non-attacked condition. This filtering is transparent to the hosts or routers and a filtering device can be easily attached to router ports.
UR - http://www.scopus.com/inward/record.url?scp=0038445134&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=0038445134&partnerID=8YFLogxK
M3 - Conference contribution
SP - 183
EP - 190
BT - IEEE International Performance, Computing and Communications Conference, Proceedings
A2 - George, A.D.
A2 - Johnson, E.
A2 - Richard III, G.G.
A2 - Xue, G.
ER -