CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Proactive Protection Against DDoS and Worm Attacks

Kihong Park - Computer Science, Purdue University

Jan 28, 2004


In this talk, I will discuss recent advances in defending against massive DDoS and worm attacks. I will describe two techniques -- route-based and content-based distributed packet filtering -- aimed at effecting proactive protection in large-scale network systems using light-weight networking mechanisms as opposed to heavy-weight cryptographic methods. The key feature of the new approach, called distributed packet filtering, is that proactive protection -- attack packets are discarded before they can reach their victim -- is achieved under small partial deployment. A complementary feature, reactive protection, allows localization of the attack source. Scalable protection is enabled by exploiting the power-law connectivity of Internet topology.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...


The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.