A distributed denial-of-service (DDoS) attack is a representative network attack and may seriously damage networks. Thus, an effective method for defending the DoS attack is necessary.
As described later with reference to FIG. 1, methods for defending network attacks can be classified by defense point, and it is efficient to defend network attacks at a router among the various defense points.
This method stores filters, which are a kind of rules for blocking attack traffic, in a router and blocks packets corresponding to particular traffic by using the filters.
A filtering router, which can propagate filters fast and is compatible with conventional systems so as to be convenient in installation and use, and a method, which can effectively blocks packets by using the filtering router, are necessary.
With respect to the example embodiments described herein, Korean Patent Application Publication No. 10-2006-0128734 (“Adaptive Defense against Various Network Attacks”) describes adaptively adjusting attack sensitivity of a filter depending on various standards.
In addition, Korean Patent No. 10-1228288 (“Network Monitoring Method and Apparatus therefor”) describes adaptively adjusting standards for blocking and controlling packet traffic flow.