Title: A Rule-based Detection Mechanism against Distributed Denial of Service Attacks

Year of Publication: 2015
Page Numbers: 38-45
Authors: Chin-Ling Chen, Hsin-Chiao Chen
Conference Name: The Third International Conference on Digital Enterprise and Information Systems (DEIS2015)
- China


We have designed a novel flow detection that is a software module on a router/server that inspects the aggregate of arrival packets in a timely manner. The flow detection has established an application monitoring distributed denial of service (DDoS) attacks. We adopt TFN2K (Tribe Flood, the Net 2K) as an attack traffic generator and monitor the system resource of the victim target like CPU utilization, memory usage, consumed by attack traffic. The types of attack traffic have been analyzed and by that we develop a defense scheme. The experiment has demonstrated that the proposed scheme can effectively prevent the attack traffic with coordinating the firewall.