Distributed Denial of Service Flooding Attacks

Preventing Distributed Denial of Service Flooding Attacks with Dynamic Path Identifiers


In recent years, there are increasing interests in using path identifiers (PIDs) as inter-domain routing objects. However, the PIDs used in existing approaches are static, which makes it easy for attackers to launch distributed denial-of service (DDoS) flooding attacks. To address this issue, in this paper, we present the design, implementation, and evaluation of D-PID, a framework that uses PIDs negotiated between neighbouring domains as inter-domain routing objects. In DPID, the PID of an inter-domain path connecting two domains is kept secret and changes dynamically. We describe in detail how neighbouring domains negotiate PIDs, how to maintain ongoing communications when PIDs change. We build a 42-node prototype comprised by six domains to verify D-PID’s feasibility and conduct extensive simulations to evaluate its effectiveness and cost. The results from both simulations and experiments show that D-PID can effectively prevent DDoS attacks.

Reference IEEE paper:

“Preventing Distributed Denial-of-Service Flooding Attacks with Dynamic Path Identifiers”, IEEE TRANSACTIONS ON INFORMATION AND FORENSICS SECURITY, 2017.

Unique ID – SBI1075


Book your project Now.  Checkout other projects here

Leave a Reply

Your email address will not be published. Required fields are marked *