This chapter, proposes Data Regulation Protocol (DRP), a hybrid (proactive as well as reactive) solution, to achieve packet filtering at the source end to mitigate distributed denial of service (DDoS). DRP is unique in a way, as it provides target controlled traffic regulation mechanism implemented at the source gateway. A capability based model using cryptographically secure hash functions is designed for the target to identify and filter malicious traffic. DRP provides the target the choice to opt out of communication with a non-adherent source network, any time it's overloaded. The gateway of a source network is held accountable for all of the egress traffic leaving the network. This provides an incentive for a source network to ensure each of its users complies with DRP target's requirements.
|Original language||English (US)|
|Title of host publication||Network Security, Administration and Management|
|Subtitle of host publication||Advancing Technology and Practice|
|Number of pages||11|
|State||Published - Dec 1 2011|
ASJC Scopus subject areas
- Computer Science(all)