SOFTWARE FOR NETWORK TRAFFIC FILTERING DURING DISTRIBUTED DENY OF SERVICE ATTACKS
Main Article Content
Abstract
In present paper software is proposed that allows blocking network trafficfrom dedicated devices involved in a distributed network attack. Network traffic is filteredon the border router using a list of blocking rules. Network traffic analysis is used forcompile a reliable filtering list. It is shown that network addresses of attacking devices areused to reliably block unwanted traffic. Software has been tested on Cisco network routers.Obtained results can be used to create new technical means of mitigating a distributedattack on the network resources of organizations.
Downloads
Download data is not yet available.
Article Details
How to Cite
1. Dmitriev A., Gladnev A. SOFTWARE FOR NETWORK TRAFFIC FILTERING DURING DISTRIBUTED DENY OF SERVICE ATTACKS // ПРОБЛЕМЫ ПРАВОВОЙ И ТЕХНИЧЕСКОЙ ЗАЩИТЫ ИНФОРМАЦИИ, 2020. № 8. P. 11-15. URL: http://journal.asu.ru/ptzi/article/view/13929.
Section
Проблемы технического обеспечения информационной безопасности
References
Garber L. Denial-of-Service Attacks Rip the Internet // IEEE Computer. – 2000. – Vol. 33. - Iss. 4. – pp. 12–17.
Бирюков А.А. Информационная безопасность: защита и нападение // М.: ДМК Пресс, 2012. – 474 с.
Lu W., Traore I. An unsupervised approach for detecting DDoS attacks based on traffic-based metrics // IEEE Pacific Rim Conference on Communications, Computers and signal Processing PACRIM 2005. 24–26 Aug. 2005. - pp. 462–465.
Noh S., Lee C., Choi K., Jung G. Detecting distributed denial of service (DDoS) attacks through inductive learning // Lecture Notes in Computer Science. Berlin, Springer. – 2003. - Vol. 2690. - pp. 286-295.
Шаньгин В. Ф. Защита информации в компьютерных системах и сетях // М.: ИНФРА-М. - 2011. – 416 с.
Mahajan D. DDoS Attack Prevention and Mitigation Techniques - A Review // International Journal of Computer Applications. – 2013. – Vol. 67. – Iss. 19. – pp. 21–24.
Кузьменко, Н.Г. Компьютерные сети и сетевые технологии // СПб.: Наука и техника, 2013. – 368 c.
Teare D., Vachon B., Graziani R. Implementing Cisco IP Routing (ROUTE) Foundation Learning Guide // Indianapolis: Cisco Press, 2015. – 726.
Амато В. Основы организации сетей Cisco. // М.: Издательский дом "Вильямс", 2002. – 512 с.
Зрелов П.В., Иванов Вал.В., Иванов Вик.В., Крюков Ю.А., Татаринов И.И. Исследование особенностей Интернет-трафика в магистральном канале // Письма в ЭЧАЯ. – 2019. – Т. 16. - №3 (222). – С. 261 – 276.
Бирюков А.А. Информационная безопасность: защита и нападение // М.: ДМК Пресс, 2012. – 474 с.
Lu W., Traore I. An unsupervised approach for detecting DDoS attacks based on traffic-based metrics // IEEE Pacific Rim Conference on Communications, Computers and signal Processing PACRIM 2005. 24–26 Aug. 2005. - pp. 462–465.
Noh S., Lee C., Choi K., Jung G. Detecting distributed denial of service (DDoS) attacks through inductive learning // Lecture Notes in Computer Science. Berlin, Springer. – 2003. - Vol. 2690. - pp. 286-295.
Шаньгин В. Ф. Защита информации в компьютерных системах и сетях // М.: ИНФРА-М. - 2011. – 416 с.
Mahajan D. DDoS Attack Prevention and Mitigation Techniques - A Review // International Journal of Computer Applications. – 2013. – Vol. 67. – Iss. 19. – pp. 21–24.
Кузьменко, Н.Г. Компьютерные сети и сетевые технологии // СПб.: Наука и техника, 2013. – 368 c.
Teare D., Vachon B., Graziani R. Implementing Cisco IP Routing (ROUTE) Foundation Learning Guide // Indianapolis: Cisco Press, 2015. – 726.
Амато В. Основы организации сетей Cisco. // М.: Издательский дом "Вильямс", 2002. – 512 с.
Зрелов П.В., Иванов Вал.В., Иванов Вик.В., Крюков Ю.А., Татаринов И.И. Исследование особенностей Интернет-трафика в магистральном канале // Письма в ЭЧАЯ. – 2019. – Т. 16. - №3 (222). – С. 261 – 276.