A Study on the Anomalous Traffic Handling

For recent years, hacking is in the trends of making excessive traffic unnecessarily to obstruct the service by getting a system's performance down. And we can also see systems paralyzed in service ability due to the flash crowds of normal traffic to a popular website. This is an important problem certainly solved in the point of QoS guarantee for the clients. It is known that the former is DDoS(Distributed Denial of Service) attack and the latter is FE(Flash Event). These two are samely anomalous traffic because these make excessive congestion on the network or system and downgrade the system's service ability. In this paper, we propose a scheme for protecting the system against anomalous traffic and for guaranteeing the QoS. For this, a server records and maintains the information of clients accessed more than one time before when it is in normal condition. When it falls into the congestion, the records are used for filtering the spoofed IP. We send and receive the ICMP request/reply packet to know whether the IP is spoofed. And we also propose for applying the object spliting of CDN to guarantee the QoS in the initial FE situation.