Source address filtering in large scale network: A cooperative software mechanism design

Shu Yang, Mingwei Xu, Dan Wang, Jianping Wu

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review


To prevent network infrastructure from malicious traffic, such as DDoS attack and scanning, source filtering is widely used in the network. There are different ways to store the filters, e.g., a blacklist of source addresses. Among them, TCAM-based is used as the de facto, because of its wire speed performance. Unfortunately, TCAM is a scarce resource because it's limited by small capacity, high power consumption and high cost. To save storage space, some TCAM-based solutions even block part of the legitimate traffic for better aggregation. Another choice is software based solutions, which have larger storage space compared to hardware based solutions. However, they require multiple accesses for a single lookup, which causes latency.

Original languageEnglish
Title of host publicationProceedings of the ACM CoNEXT Student Workshop, CoNEXT 2011
Publication statusPublished - 1 Dec 2011
Event2011 ACM CoNext Student Workshop, CoNEXT 2011 - Tokyo, Japan
Duration: 6 Dec 20116 Dec 2011

Publication series

NameProceedings of the ACM CoNEXT Student Workshop, CoNEXT 2011


Conference2011 ACM CoNext Student Workshop, CoNEXT 2011

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this