The damages from DDoS attacks are increasing as DDoS attacks are taking various forms. This has resulted not only in decreased reliability of organizations and corporations but also in the threat of national security. Organizations and corporations are making significant efforts in developing a system through which they can appropriately correspond to DDoS attacks. However, the studies on objec...

Spoofing source IP addresses is always utilized to perform Distributed Denial-of-Service (DDoS) attacks. Most of current detection and prevention methods against DDoS ignore the innocent side, whose IP is utilized as the spoofed IP by the attacker. In this paper, a novel method has been proposed to against the direct DDoS attacks, which consists of two components: the client detector and the se...

DDoS attacks aim to exhaust the resources of victims, such as network bandwidth, computing power and operating system data structures. Early DDoS attacks emerged around the year 2000, and well-known web sites, such as CNN, Amazon and Yahoo, have been the targets of hackers since then. The purpose of early attacks was mainly for fun and curiosity about the technique. However, recently we have wi...

Resisting distributed denial of service (DDoS) attacks become more challenging with the availability of resources and techniques to attackers. The application-layer-based DDoS attacks utilize legitimate HTTP requests to overwhelm victim resources are more undetectable and are protocol compliant and non-intrusive. Focusing on the detection for application layer DDoS attacks, the existing scheme ...

The threat of DDoS attack are mainly directed at home and SOHO network that lacks the incentive, expertise, and financial means to defend themselves. This paper proposes an Autonomous Anti-DDoS Network Design (A2D2) that integrates and improves existing technologies. A2D2 enables SOHO networks to take control of their own defense within their own boundary. Testbed results show that A2D2 is effe...

This paper describes the first hand experiences of the electronic point of care (ePOC) project team and the project management and research and development issues that emerged over the course of a collaborative 3 year eHealth project. The paper highlights that despite the best of intentions by project managers, researchers and developers, a technologically innovative concept is no guarantee of ...

The move toward practical use of modern naval network-centric warfare (NCW) brings with it the benefits caused by applying distributed computing to gain superiority over its adversary. However, the adversary will attempt to attack information infrastructures used in NCW. One effective means of destruction of such infrastructures is the use of distributed denial-of-service (DDoS) attacks. The pr...

The wireless ad hoc network is particularly vulnerable to DOS attacks due to its features of open medium, dynamic changing topology, cooperative algorithms, decentralization of the protocols, and lack of a clear line of defense is a growing problem in networks today. In Mobile Ad hoc Networks (MANET), various types of Denial of Service Attacks (DOS) are possible because of the inherent limitati...

Nowadays, many companies and/or governments require a secure system and/or an accurate intrusion detection system (IDS) to defend their network services and the user’s private information. In network security, developing an accurate detection system for distributed denial of service (DDoS) attacks is one of challenging tasks. DDoS attacks jam the network service of the target using multiple bot...

We describe a defense system to contain Distributed Denial-of-Service (DDoS) flooding attacks in highspeed networks. We aim at protecting TCP friendly traffic, which forms a large portion of Internet traffic. DDoS flooding attacks tend to establish large numbers of malicious traffic flows to congest network. These flows are marked as TCP flows, and use spoofed source identifiers to hide their i...