DDoS attacks defense based on active networks

Jui Ming Chen, Kai Ping Wang, Li Der Chou

Research output: Contribution to journal, Article, peer-review

1 Scopus citation


If the infection status of each network node can be determined when DDoS attacks start to spread, the attacked area can be restricted and isolated. The paper proposes the Active DDoS Defense System (ADDS), which uses the main advantage of Active Networks, fast policy distribution, to check every node gradually and divide the whole network into three areas: safe area, uncertain area and attacked area. ADDS then repairs the vulnerability of each network node by delivering virus patterns in active packets. Finally, the whole network topology is divided into a safe area and an attacked area, so that the DDoS attacks are restricted and isolated. Simulation results show that ADDS is able to increase network survival time by 224% and decrease the ratio of CPU time wasted by undetected attacks by 34.58%. However, ADDS also increases the dropped rate of legitimate traffic to 8.12%.

Original language: English
Pages (from-to): 205-213
Number of pages: 9
Journal: Journal of Internet Technology
Issue number: 2
State: Published - Apr 2006


  • Active networks
  • ADDS
  • ANTS
  • DDoS


