| Summary: | 碩士 === 國立中興大學 === 電機工程學系所 === 96 === The increasing denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks are severe treats for internet service. Internet connections or victims were jammed by many useless packets that were sent from a large number of compromised hosts caused by DDoS attacks. Although many techniques have been proposed to defend from the DDoS attacks, they are still hard to respond the flooding-based DDoS attacks. These attacks are launched from a large number of infected hosts. Those infected hosts are simple to implement but difficult to prevent, therefore hard to trace. In this thesis, we propose a new defending system called autonomous system (AS) based defense system to countermeasure the flooding-based DoS/DDoS attacks. The defend system can replace the value in ID field of the IP packet by an autonomous system number (ASN) so that it can be efficiently recognized. Based on the design, this system can resolve the troublesome caused by the flooding-based DoS/DDoS attacks and provide better internet security.
|
|---|
