In this paper, we focus on defending the DDoS attacks since they have caused many famous websites enormous losses in recent years. We propose a Priority Queue-Based scheme to analyze the interval of arrival time of the incoming packet to distinguish malicious traffic from normal traffic and to take care of malicious attacks clogging the network. We use the network simulator, NS2, to evaluate the effectiveness of the proposed scheme. The proposed Priority Queue-based scheme not only effectively decreases the flows of malicious packets from DDoS attacks with various packet rates, but also provides smooth and constant flows for packets sent by normal users. Furthermore, our priority queue-based scheme performs much better than other schemes when the number of the DDoS nodes becomes large. ? 2009 Springer-Verlag Berlin Heidelberg.
Relation:
Communications in Computer and Information Science 56 , pp. 301-307
