Active countermeasure platform against DDoS attacks

Dai Kashiwa, Eric Y. Chen, Hitoshi Fuji, Shuichi Machida, Hiroshi Shigeno, Ken Ichi Okada, Yutaka Matsushita

研究成果: Article査読

4 被引用数 (Scopus)


Distributed Denial of Service (DDoS) attacks are a pressing problem on the Internet as demonstrated by recent attacks on major e-commerce servers and ISPs. Since the attack is highly distributed, an effective solution must be formulated with a distributed approach. Recently, some solutions, in which intermediate network nodes filter or shape congested traffic, have been proposed. These solutions may decrease the congested traffic, but they still cause "collateral victims problem." that is, legitimate packets may be discarded mistakenly. In this paper, we propose Active Countermeasure Platform to minimize traffic congestion and to address the collateral victim problem using the Active Networks paradigm, which incorporates programmability into intermediate network nodes. Our platform can prevent overloading of the target and consuming the network bandwidth of both the backbone and the protected site autonomously. In addition, it can improve the collateral victim problem based on user policy. This paper shows the concept of our platform, system design and evaluation of the effectiveness using a prototype.

ジャーナルIEICE Transactions on Information and Systems
出版ステータスPublished - 2002 12月

ASJC Scopus subject areas

  • ソフトウェア
  • ハードウェアとアーキテクチャ
  • コンピュータ ビジョンおよびパターン認識
  • 電子工学および電気工学
  • 人工知能


「Active countermeasure platform against DDoS attacks」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。