Publication detail

Comparison of Linux Filtering Tools for Mitigation of DDoS Attacks

BLAŽEK, P. GERLICH, T. MARTINÁSEK, Z. FROLKA, J.

Original Title

Comparison of Linux Filtering Tools for Mitigation of DDoS Attacks

English Title

Comparison of Linux Filtering Tools for Mitigation of DDoS Attacks

Type

conference paper

Language

en

Original Abstract

Every year, the intensity and quantity of Distributed Denial of Service (DDoS) attacks realized is incessantly increasing, that is confirmed by companies such as Kaspersky, Imperva or Verisign. Moreover, this reality is also confirmed by the published losses of victims. The popularity of these attacks is mainly trigger for the simplicity of realization therefore the actual costs of the attack realization are cheap. The main goal of this article is to compare open source tools for network data processing. This research is realized in order to identify the most effective tool including the settings that will be implemented into DDoS mitigation system. The final system provide adaptive network filtering based on the decomposition of network traffic and filtering utilizing commodity servers.

English abstract

Every year, the intensity and quantity of Distributed Denial of Service (DDoS) attacks realized is incessantly increasing, that is confirmed by companies such as Kaspersky, Imperva or Verisign. Moreover, this reality is also confirmed by the published losses of victims. The popularity of these attacks is mainly trigger for the simplicity of realization therefore the actual costs of the attack realization are cheap. The main goal of this article is to compare open source tools for network data processing. This research is realized in order to identify the most effective tool including the settings that will be implemented into DDoS mitigation system. The final system provide adaptive network filtering based on the decomposition of network traffic and filtering utilizing commodity servers.

Keywords

Data center; DDoS, iptables; mitigation; netmap; nftables

Released

17.07.2018

ISBN

978-1-5386-4695-3

Book

41st International Conference on Telecommunications and Signal Processing (TSP)

Pages from

145

Pages to

149

Pages count

5

BibTex


@inproceedings{BUT148832,
  author="Petr {Blažek} and Tomáš {Gerlich} and Zdeněk {Martinásek} and Jakub {Frolka}",
  title="Comparison of Linux Filtering Tools for Mitigation
of DDoS Attacks",
  annote="Every year, the intensity and quantity of Distributed Denial of Service (DDoS) attacks realized is incessantly increasing, that is confirmed by companies such as Kaspersky, Imperva or Verisign. Moreover, this reality is also confirmed by the published losses of victims. The popularity of these attacks is mainly trigger for the simplicity of realization therefore the actual costs of the attack realization are cheap. The main goal of this article is to compare open source tools for network data processing. This research is realized in order to identify the
most effective tool including the settings that will be implemented into DDoS mitigation system. The final system provide adaptive network filtering based on the decomposition of network traffic and filtering utilizing commodity servers.",
  booktitle="41st International Conference on Telecommunications and Signal Processing (TSP)",
  chapter="148832",
  howpublished="online",
  year="2018",
  month="july",
  pages="145--149",
  type="conference paper"
}