2nd International ICST Conference on Scalable Information Systems

Research Article

Mitigating Distributed Denial-of-Service Attacks Using Network Connection Control Charts

Download449 downloads
  • @INPROCEEDINGS{10.4108/infoscale.2007.939,
        author={Qingtao Wu and Haichao Zhang and Jiexin Pu},
        title={Mitigating Distributed Denial-of-Service Attacks Using Network Connection Control Charts},
        proceedings={2nd International ICST Conference on Scalable Information Systems},
        proceedings_a={INFOSCALE},
        year={2010},
        month={5},
        keywords={Network security Distributed Denial-of-Service Shewhart’s control charts Automated response model},
        doi={10.4108/infoscale.2007.939}
    }
    
  • Qingtao Wu
    Haichao Zhang
    Jiexin Pu
    Year: 2010
    Mitigating Distributed Denial-of-Service Attacks Using Network Connection Control Charts
    INFOSCALE
    ICST
    DOI: 10.4108/infoscale.2007.939
Qingtao Wu1,*, Haichao Zhang1,*, Jiexin Pu2,*
  • 1: Electronic Information Engineering College, Henan University of Science and Technology Luoyang, Henan Province, China 86-379-64231192
  • 2: Electronic Information Engineering College, Henan University of Science and Technology Luoyang, Henan Province, China 86-379-64231795
*Contact email: wqt8921@126.com, haichaozh@tom.com, pjx@mail.haust.edu.cn

Abstract

In this paper, we present a simple, automated response model that utilizes the Shewhart's control charts based-on network connection to aid in handling DDoS attacks. This model is designed to prevent incoming traffic from exceeding a given threshold, while allowing as much incoming, legitimate traffic as possible. In addition, this model focuses on requiring less demanding modifications to external routers and networks than other published distributed response models that impact the effect of DDoS attacks. The experimental results show the effectiveness of our scheme in early mitigating DDoS attacks.