|
|
 |
| |
|
|
|
A Hybrid Defense Technique for ISP Against the Distributed Denial of Service Attacks |
|
|
|
PP: 2347-2359 |
|
|
|
Author(s) |
|
|
|
Young Hoon Moon,
Suk Bong Choi,
Huy Kang Kim,
Changsok Yoo,
|
|
|
|
Abstract |
|
|
| As malicious traffic from botnets now threatens the network infrastructure of Internet Service Providers (ISPs), the
importance of controlling botnets is greater than ever before. However, it is not easy to handle rapidly evolving botnets efficiently
because of the highly evolved detection avoidance techniques used by botnet makers. Further, nowadays, Distributed Denial of Service
(DDoS) attacks can compromise not only specific target sites but also the entire network infrastructure, as high-bandwidth Internet
services are now being provided. Thus, ISPs are deploying their own defense systems to prevent DDoS attacks and protect their network
infrastructure. However, the new problem ISPs confront is that botnet masters also try to destroy their defense systems to make their
attack successful. ISPs can mitigate DDoS through botnet-specific management by taking preemptive measures, such as the proactive
reverse engineering of suspicious code and the use of honeypots. This paper illustrates an advanced DDoS defense technique for the
use of ISPs with a real case study of the technique’s implementation. This technique was proven very effective method for controlling
botnets, and we could confirm this effectiveness in a real ISP environment. |
|
|
|
|
|
|
|
