DDoS Defense Using User Cooperation 


Vol. 33,  No. 4, pp. 136-142, Apr.  2008


PDF Full-Text
  Abstract

A novel DDoS (Distributed Denial-of-Service) defense technique using user cooperaton is proposed in this work. It avoids the problems of network congestion and unfairness of the Defense-by-Offense technique by incorporating a kind of simple Detect-and-Block scheme (user identification), still improving the effectiveness of the defense in comparison to the original Defense-by-Offense technique. We use SYN cookies to identify users in granularity of ip address and to prevent ip address spoofing by the attacker. There can be, however, some probability of false negative (denying service to good clients), if the attacker wisely adapt to the new technique by saving some portion of its bandwidth resource and later mimicking good clients. Quantitative analysis on the requirement for the good clients to be safe from the false negative is provided and a procedure to design the server capacity is explained.

  Statistics
Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.


  Cite this article

[IEEE Style]

C. Jeong and J. Oh, "DDoS Defense Using User Cooperation," The Journal of Korean Institute of Communications and Information Sciences, vol. 33, no. 4, pp. 136-142, 2008. DOI: .

[ACM Style]

Choong-Kyo Jeong and Ji-Hyun Oh. 2008. DDoS Defense Using User Cooperation. The Journal of Korean Institute of Communications and Information Sciences, 33, 4, (2008), 136-142. DOI: .

[KICS Style]

Choong-Kyo Jeong and Ji-Hyun Oh, "DDoS Defense Using User Cooperation," The Journal of Korean Institute of Communications and Information Sciences, vol. 33, no. 4, pp. 136-142, 4. 2008.

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)






pISSN : 1226 - 4717
eISSN : 2287 - 3880