| dc.description.abstract | As modern technology advances, the Internet has evolved beyond its initial purpose as a military communication tool. It now integrates resources, services, and applications using advanced cloud and IoT technologies, creating a complex, heterogeneous system. Network administrators, in response to demands for efficient system management and timely issue resolution, have adopted network monitoring systems. Among these, the Zabbix network monitoring tool, notable for its open-source nature and strong community support, effectively detects and manages system outages caused by instability, performance bottlenecks, or networking challenges. This tool ensures a high level of network and service availability, providing organizations with a stable approach to infrastructure management.
DDoS attacks are powerful threats that can make networks and services unavailable. Due to their high variability and difficulty in tracing, there still lacks a comprehensive solution to handle. The increasing number of botnets and widespread distribution of DDoS tools have significantly reduced the cost for attackers to launch DDoS attacks. On the contrary, for general users, the importance of the network is rapidly rising. This contrast makes DDoS attacks happens a lot in recent years. Most current defense methods require additional software, hardware support, or the acquisition of services. Therefore, defending against DDoS attacks often depends on the financial capacity of each enterprise or organization.
In this study, utilizing Zabbix as a monitoring tool, we propose an automated route blackholing mechanism to counter DDoS attacks. We introduce the UDP Reflection Amplification (URA) detection module to detect DDoS activities, and we implement the automated Remote Trigger Blackhole (RTBH) module to mitigate the impact of such attacks. This approach offers a cost-effective solution specifically for alleviating the effects of DDoS attacks | en_US |