期刊名称:International Journal of Software Engineering and Its Applications
印刷版ISSN:1738-9984
出版年度:2008
卷号:2
期号:4
出版社:SERSC
摘要:Denial of service attacks occur when the attacks are from a single host, whereas distributed denial of service attacks occur when multiple affected systems flood the bandwidth or resources of a targeted system. Although it is not possible to exempt entirely from denial of service or distributed denial of service attacks, we can limit the malicious user by controlling the traffic flow. In the paper, we propose to monitor the traffic pattern in order to alleviate distributed denial of service attacks. A bandwidth allocation policy will be adopted to assign normal users to a high priority queue and suspected attackers to a low priority queue. Simulations conducted in network simulator of our proposed priority queue-based scheme shows its effectiveness in blocking attacking traffic while maintaining constant flows for legitimate traffic.
