Abstract
Abstract: Denial of Service (DoS) attacks have proven to be a challenging issue for the Internet community. In this paper we present a novel approach, ACtive edge-Tagging (ACT), to effectively identify and isolate DoS attacks that use randomly forged source IP addresses. Unlike the existing approaches, our scheme does not require complicated requirements or mandatory participation from every individual network in the Internet. ACT operates in the network layer based on passive traffic monitoring, and is particularly effective for identifying attackers using Distributed DoS (DDoS) type of intrusion schemes, and highly scalable for implementation in large-scale networks. ACT is based on the Active Networks environment, which provides a dynamic execution environment within the network for user programs and enables fast deployment of new protocols without modifying network infrastructure and easy maintenance of existing protocols.