论文信息 - Active Networks

Active Networks

Distributed Denial of Service (DDoS) attacks are a pressing problem on the Internet as demonstrated by recent attacks on major e-commerce servers and ISPs. Since their threat lies in the inherited weaknesses of the TCP/IP, an effective solution to DDoS attacks must be formulated in conjunction with a new networking paradigm, such as Active Networks. In this paper, we introduce a conceptual framework called Aegis, which we propose as a defense mechanism against DDoS attacks. The core-enabling technology of this framework is the Active Network, which incorporates programmability into intermediate network nodes and allows end-users to customize the way network nodes handle data traffic. By introducing Aegis, we also wish to demonstrate some of the new possibilities that the Active Networks can offer.

J. van Leeuwen

[1] Anna R. Karlin,et al. Practical network support for IP traceback , 2000, SIGCOMM.

[2] Yuval Shavitt,et al. An Active Network Approach to Efficient Network Management , 1999, IWAN.

[3] William Stallings,et al. SNMP, SNMPv2, SNMPv3, and RMON 1 and 2 , 1999 .

[4] Hilarie K. Orman,et al. Activating Networks: A Progress Report , 1999, Computer.

[5] Robert Stone,et al. CenterTrack: An IP Overlay Network for Tracking DoS Floods , 2000, USENIX Security Symposium.

[6] Robert Wahbe,et al. Efficient software-based fault isolation , 1994, SOSP '93.

[7] Vern Paxson,et al. An architecture for large-scale Internet measurement , 1998, IEEE Commun. Mag..

[8] Rolf Stadler,et al. Active Distributed Management for , 2000 .

[9] K. K. Ramakrishnan,et al. A Proposal to add Explicit Congestion Notification (ECN) to IP , 1999, RFC.