DOS(denial\|of\|service)/DDOS(distributed denial\|of\|service) network attack no t only causes harm to attacked target, but also disturbs other flows that share the same network with attacked target. By adding computing into every bosom node (route, switch), a mechanism system to recover and control DOS/DDOS attack which based on active network was advanced. The mechanism system was composed of three mechanisms: cluster-based automatic identification and control mechanism, cluster-based active notify trace mechanism and administration domain based control cooperation mechanism. Cluster-based automatic identification and control mechanism included identification policy of attack cluster and rate-limit policy of controlling them. Cluster-based active notify trace mechanism will notify the characteristic of attack cluster to upstream active node and activate local rate-limit policy. Effective recovery and the control o f DOS/DDOS attack can be realized by using this system at lab.
������, ������. Network DOS/DDOS������Ԥ������֮�о� . http://www.ncku.edu.tw/TANET2000/download/ A3-2,2000-10-21/2003-02 Yang Zixiang,Cai Xijun. The study of network DOS/DDOS attack and the technique of prevent . http://www.ncku.edu.tw/TANET2000/download/ A3-2,2000-10-21/2003-02(in Chinese)
Raul Mahajan, Sally Floyd. Controlling high-bandwidth flows at the congested router . http://www.cs.washington.edu/homes/ratul/red-pd/paper_icnp.pdf, 2000-11/2003- 02
Vern Paxson. An analysis of using reflectors to defeat DoS traceback.Ausus,t2000 .ftp:ftp.ee.lbl.gov/.vp-reflectors.txt, 2000-8/2003-2
Robert Stone. CenterTrack:an IP overlay network for tracking DoS floods . ��http://www.arbornetworks.com/downloads/����research51��/stone00centertrack new.pdf,2000-08/2003-02
Venkatachary Srinivasan, Geroge Varhese. Faster IP lookups using controlled prefix expansion . ��http://ccrc.wustl.edu/��~cheenu/papers/filucpe.ps,1998-02/2003-02
Tennenhouse D L, Smith J M, Sincoskie W D, et al. A survey of active network research[J].IEEE Communications Magazine.1997,35(1):80-86