| With the continuous development of computer network, network security is alsofacinga big challenge. The hosts and servers on the network face attacking threat for variouspurpose. In these attacks, distributed denial of service attacking is a means, which not onlyis common,but also is very effective.it will not only lead to object attacked loss of serviceability, but also lead to network congestionand even thenetwork breakdown. The attackingmean cause very large economiclosses.Distributed denial of service attacks aimed at thenetwork and relatedequipment, which use a large number of dummy nodelaunch alarge-scale attack to victim node. It causes the network or the system overload,so thatbreak down andstop the normal network servicethrough the consumption of resources ornetworkbandwidth, so that the legitimate user cannot access or use the resources As thecharacteristic of distribution, it is difficult to trace, and easy to implement. So it is difficultto effectively prevent.With the rapid growth of Internet users and a variety of applications, more and moreusers share the limited resources and information in the network.So the network congestionbecomes more and more serious. Thus, congestion control has become the research focus ofthe network. With more and more application requirements, only rely on the terminal tocontrol congestion has not meet the changes. To implement congestion control in theintermediate nodes has become a must. In this way, it will be more effective to avoidcongestion. At present, Active Queue Management (AQM) has become one of the researchfocuses. The concept is simple, easy to implement and it also can effectively solve complexproblems. In the paper, PSO is used in the design of active queue management controller.In order to optimize controller parameters, there is the form of the PSO-PID AQM.In order to reduce the impact of DDoS on the intermediate network,there is the methodof push back DDoS attacks chain on the router. The defense scope can be scaleed up asmuch as possible. Push-back is considered promising DDoS attack prevention methods. Inthe paper, PSO-PID AQM is used in AggregatebasedCongestion Control (ACC). A new algorithm is proposed: Improved Aggregate basedCongestion Control (IACC).Garg proposed a resource regulation method about DDos prevention which is based onQoS (Quality of Service). This method can effectively protect the resources of server-sideor host-side. It can regulate the excessive cost of server-side resources.So that the method achieves the purpose of preventing the attacks.In the paper, the combination of congestion control and resource control, It takes thepush-back algorithm on the server side base on the improved aggregate congestion control.It also takes resource regulation based on QoS. The prevention strategy is proposed whichis base on congestion control and resource control. The main idea of the strategy is thatusing congestion strategy to defense the DDoS attacks with the combination of router-sideand attacked-side. So as to achieve a variety of DDoS attack ways of effective prevention. |
PDF Full Text Request