SSDC:A Server Side Solution to Detect Coremelt and Crossfire DDoS Attacks

• Main Authors: Hsi-Cheng Huang, 黃熙程
• Other Authors: Fu-Hau Hsu
• Format: Others
• Language: zh-TW
• Published: 2017
• Online Access: http://ndltd.ncl.edu.tw/handle/18886055799119843847

碩士 === 國立中央大學 === 資訊工程學系 === 105 === Due to the lack of effective solutions, DoS and DDoS attack is common on the internet now which cause serious damage. There are numerous types of DoS and DDos attack. Among them, Crossfire and Coremelt DDos Attack are considered as difficult problems by computer security experts. The main reason is that the attack packets which caused by Coremelt and Crossfire are not send to the target host machines directly but the machines controlled by attacker. (The target host machines are usually servers on the internet.) This feature of Coremetl and Crossfire leads to that it’s difficult to know the actual host machines which are participated in the attack from both the ISP side and the victim side. So that the target servers can only feel the abnormal situation but not know whether they suffered from Crossfire and Coremelt attack, even if target servers find that there are no client connections for a long time. In this project we will develop an server side system to detect whether the server side machine suffered from Crossfire and Coremelt attack and the location of the network segment which were paralyzed by Crossfire and Coremelt.