A Novel Method of Defending Flooding DoS Attack Based on Aggregate Traffic Classification

Based on the status of the protected host and the identification of the key aggregate traffic, a new method is put forward to classify the aggregate traffic in a fine-granularity. A new mechanism of defending against the flooding DoS attack based on aggregate traffic control in the controllable network is also described, which cooperates between the monitor sensors and the controllable routers in security. Through constantly adjusting the classify policies of aggregate traffic and the parameters of rampart control mechanism in the controllable route, it can effectively control the malicious aggregate traffic, and thus make the load of protected host and network keep a normal level under the situation of flooding DoS attack and satisfy the QoS of key aggregate traffic.