Policy-based Reconfigurable Bandwidth-Controller for Network Bandwidth Saturation Attacks


The KIPS Transactions:PartC, Vol. 11, No. 7, pp. 951-958, Dec. 2004
10.3745/KIPSTC.2004.11.7.951,   PDF Download:

Abstract

Nowadays NGN is developed for supporting the e-Commerce, Internet trading, e-Government, e-mail, virtual-life and multimedia. Internet gives us the benefit of remote access to the information but causes the attacks that can break server and modify information. Since 2000 Nimda, Code Red Virus and DDoS attacks are spreaded in Internet. This attack programs make tremendous traffic packets on the Internet. In this paper, we designed and developed the Bandwidth Controller in the gateway systems against the bandwidth saturation attacks. This Bandwidth controller is implemented in hardware chipset(FPGA) Virtex II Pro which is produced by Xilinx and acts as a policing function. We reference the TBF(Token Bucket Filter) in Linux Kernel 2.4 and implemented this function in HDL(Hardware Description Language) Verilog. This HDL code is synthesized in hardware chipset and performs the gigabit traffic in real time. This policing function can throttle the traffic at the rate of bandwidth controlling policy in bps speed.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
S. K. Park, J. T. Oh, K. Y. Kim, "Policy-based Reconfigurable Bandwidth-Controller for Network Bandwidth Saturation Attacks," The KIPS Transactions:PartC, vol. 11, no. 7, pp. 951-958, 2004. DOI: 10.3745/KIPSTC.2004.11.7.951.

[ACM Style]
Sang Kil Park, Jin Tae Oh, and Ki Young Kim. 2004. Policy-based Reconfigurable Bandwidth-Controller for Network Bandwidth Saturation Attacks. The KIPS Transactions:PartC, 11, 7, (2004), 951-958. DOI: 10.3745/KIPSTC.2004.11.7.951.