Title: Protecting information infrastructure from DDoS attacks by MADF

Authors: Yang Xiang, Wanlei Zhou

Addresses: School of Management and Information Systems, Central Queensland University, Rockhampton, Australia. ' School of Engineering and Information Technology, Deakin University, Melbourne, Australia

Abstract: Distributed Denial of Service (DDoS) attacks have become one of the most serious threats to the information infrastructure. In this paper, we propose a new approach, Mark-Aided Distributed Filtering (MADF), to find the network anomalies by using a back-propagation neural network. The marks in the IP header that are generated by a group of IP traceback schemes called Deterministic Packet Marking (DPM)/Flexible Deterministic Packet Marking (FDPM) assist this process of identifying and filtering attack packets. MADF can detect and filter DDoS attack packets with high sensitivity and accuracy, thus providing high legitimate traffic throughput and low attack traffic throughput.

Keywords: network security; DDoS; distributed filtering; neural networks; traceback; distributed DoS; denial of service; packet marking; DoS attacks; attack packets; high performance networking; information infrastructure; protection.

DOI: 10.1504/IJHPCN.2006.013491

International Journal of High Performance Computing and Networking, 2006 Vol.4 No.5/6, pp.357 - 367

Published online: 01 May 2007 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article