TITLE:
A Defense Framework against DDoS in a Multipath Network Environment
AUTHORS:
Ahmed Redha Mahlous
KEYWORDS:
DDoS, Multipath, Filtering, Traceback
JOURNAL NAME:
Communications and Network,
Vol.7 No.2,
April
9,
2015
ABSTRACT: The Internet is facing a major threat,
consisting of a disruption to services caused by distributed denial-of-service
(DDoS) attacks. This kind of attacks continues to evolve over the past two
decades and they are well known to significantly affectcompanies and
businesses. DDoS is a popular choice among attackers community. Such attack can
easily exhaust the computing and communication resources of its victim within a
short period of time. Many approaches to countering DDoS attacks have been
proposed, but few have addressed the use of multipath. In this paper, we
analyze, how multipath routing based solutions could be used to address the
DDoS problem. The proposed framework traces back the attack to its source and
blocks it. It also calculates multiple paths to the attacker (if they exist)
and alerts all gateways near the attacker to block possible traffic originating
from this source in case another path(s) is (are) later used to attack the
victim again. We demonstrate that our scheme performs better that other single
path schemes.