DMCA
Implementing Pushback: Router-Based Defense Against DDoS Attacks (2002)
Cached
Download Links
- [www.isoc.org]
- [www1.cs.columbia.edu]
- [www1.cs.columbia.edu]
- [www1.cs.columbia.edu]
- [www.research.att.com]
- [www.cs.columbia.edu]
- [www.cs.unc.edu]
- [www.cs.columbia.edu]
- [www.superfrink.net]
- [superfrink.net]
- [www1.cs.columbia.edu]
- [www.lasr.cs.ucla.edu]
- [www1.cs.columbia.edu]
- [www.cs.columbia.edu]
- [cs.unc.edu]
- [academiccommons.columbia.edu]
- DBLP
Other Repositories/Bibliography
| Venue: | In Proceedings of Network and Distributed System Security Symposium |
| Citations: | 349 - 4 self |
BibTeX
@INPROCEEDINGS{Ioannidis02implementingpushback:,
author = {John Ioannidis and Steven M. Bellovin},
title = {Implementing Pushback: Router-Based Defense Against DDoS Attacks},
booktitle = {In Proceedings of Network and Distributed System Security Symposium},
year = {2002}
}
Share
 |
 |
 |
 |
||
OpenURL
Abstract
Pushback is a mechanism for defending against distributed denial-of-service (DDoS) attacks. DDoS attacks are treated as a congestion-control problem, but because most such congestion is caused by malicious hosts not obeying traditional end-to-end congestion control, the problem must be handled by the routers. Functionality is added to each router to detect and preferentially drop packets that probably belong to an attack. Upstream routers are also notified to drop such packets (hence the term Pushback) in order that the router's resources be used to route legitimate traffic. In this paper we present an architecture for Pushback, its implementation under FreeBSD, and suggestions for how such a system can be implemented in core routers.
