| Summary: | 碩士 === 國立清華大學 === 通訊工程研究所 === 92 === Nowadays, flooding attack is the most common network threat and to alleviation this kind of attack is the most important security topic. Attacker makes a large amount of traffic to consume the bandwidth which causes network congestion and limits new connection establishment from other users. They also waste server capacity, cause the server always busy and deny services for normal users. These are well-known DoS attack and DDoS attack. All of current “security information management” (SIM) products only provide functions to report events, to monitor, and to trigger alerts. No active alleviation procedure is included, thus they can only detect attack without any prevention. Heterogeneous network security devices including SIM, statistically-based IDS, protocol anomaly IDS and firewall have been widely implemented in the most networks. In this thesis, based on heterogeneous network, we not only propose a flooding unthreat network (FUN) architecture to integrate different types of IDS systems but also explore a better intelligence mechanism to deterrent flooding attack. The “black list” and “fair allocation list” mechanisms are designed to block the attack traffic at its ingress firewall. The simulation result and performance improvement of the proposed FUN system are also illustrated.
|
|---|
