论文信息 - DoS packet filter using DNS information

DoS packet filter using DNS information

A DoS (denial of service) attack is one of the most serious threats in the Internet. It is important to protect the resources and services from the DoS attack, but it is difficult to distinguish normal traffic and DoS attack traffic because the DoS attackers generally hide their true identities/origins. In this paper, we propose a technique to reduce the influence of the DoS attack without disturbing the demand of the regular users by allocating the information, when DoS attack occurs, to the filtering rules. This can be done by using DNS request replies.

[1] Alex C. Snoeren,et al. Hash-based IP traceback , 2001, SIGCOMM '01.

[2] Peter Reiher,et al. A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[3] Stefan Savage,et al. Inferring Internet denial-of-service activity , 2001, TOCS.

[4] Stephen Northcutt,et al. Intrusion Signatures and Analysis , 2001 .