Data regulation protocol for source-end mitigation of distributed denial of service

Nirav Shah, Dijiang Huang

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

This chapter, proposes Data Regulation Protocol (DRP), a hybrid (proactive as well as reactive) solution, to achieve packet filtering at the source end to mitigate distributed denial of service (DDoS). DRP is unique in a way, as it provides target controlled traffic regulation mechanism implemented at the source gateway. A capability based model using cryptographically secure hash functions is designed for the target to identify and filter malicious traffic. DRP provides the target the choice to opt out of communication with a non-adherent source network, any time it's overloaded. The gateway of a source network is held accountable for all of the egress traffic leaving the network. This provides an incentive for a source network to ensure each of its users complies with DRP target's requirements.

Original languageEnglish (US)
Title of host publicationNetwork Security, Administration and Management
Subtitle of host publicationAdvancing Technology and Practice
PublisherIGI Global
Pages277-287
Number of pages11
ISBN (Print)9781609607777
DOIs
StatePublished - Dec 1 2011

ASJC Scopus subject areas

  • Computer Science(all)

Fingerprint Dive into the research topics of 'Data regulation protocol for source-end mitigation of distributed denial of service'. Together they form a unique fingerprint.

  • Cite this

    Shah, N., & Huang, D. (2011). Data regulation protocol for source-end mitigation of distributed denial of service. In Network Security, Administration and Management: Advancing Technology and Practice (pp. 277-287). IGI Global. https://doi.org/10.4018/978-1-60960-777-7.ch014