Avaliação de Proteção contra Ataques de Negação de Serviço Distribuídos (DDoS) utilizando Lista de IPs Confiáveis

Luis OliveiraRafael AschoffBruno LinsEduardo FeitosaDjamel Sadok

The severity of the problems caused by DDoS attacks and its increase of frequency and sophistication have contributed for the appearance of a great number of defense mechanisms. In this work a prevention and detection system for DDoS attacks is proposed. It is based on modular architecture. The main idea behind this solution consists in keeping a table with the description of the history of "good" connections already established with the network, so that during attack situations these are favored with most of the bandwidth available to the detriment of unknown connections and/or possible aggressors who will be limited by filters. The results of the tests demonstrated that this approach presents good performance against massive DDoS attacks, great scalability and low consumption of system resources.

Caso o link acima esteja inválido, faça uma busca pelo texto completo na Web: Buscar na Web

Biblioteca Digital Brasileira de Computação - Contato:
     Mantida por: