Mitigating DoS Attacks With Application Of Server Migrating Roam

The wide-usage of Internet makes our work and life more indispensable to it. CRM, ERP, and automatic-office software greatly enhances our work efficiency. Through Internet, we can find all kinds of work and study materials, on-line pay telephone fees, and make friends, as well as entertainment. However, there are lots of illegal internet attacks occurring everyday. Ever since the computers have been connected by network, clearly, network security is the major problem. Denial of service attacks, the most frequently used methods by the hackers, is the most threat and most hard to defensive attacks.This study thoroughly analyzed the attacking mechanisms by which the DoS attacks occur and introduced the existing DoS defensive and attenuating-related techniques. Based on the TCP migrating technique, we proposed a new safe communication application scheme, which utilized the server roaming technology to migrate DoS attacks.This study fulfilled the collectively design of the proactive server roaming application. Its core idea is based on sever proactive roaming, which is the physical migrating of one TCP terminate to another one, accompanying with the changes of IP address or the parameters of terminate to attenuate the DoS attacks. Based on TCP/IP protocal and internet programming Sock application, a safe internet communication roaming service system has been achieved. There is only one server is active in any minute. The location of the active server will change periodically to another sever in the sever pool, and its IP address and the parameters of terminate will change accordingly. When the old server migrates, it will automatically flush the service state information, and the clients who connected to the old server will be considered illegal and thus will be filtered by the firewall. Only the authorized clients could follow the change of the locations of the active server, and thus achieving the objectives of migrating DoS attacks.This system has run successfully in our laboratory's local internet, This scheme is carried out like this: This scheme efficiently decreased the response lag of the clients, as well as the loads of the server, and thus increased the efficiency of the whole systems. Furthermore, the proactiveness of this scheme makes it difficult for attackers to guess when or where servers roam, therefore, when DoS attack does occur, the system will recover very fast and thus guarantee the high speed and high quality services.