COUNTERING AGAINST DISTRIBUTED DENIAL-OF-SERVICE (DDOS) ATTACK USING CONTENT DELIVERY NETWORK

摘要

Method and apparatus for blocking a distributed denial-of-service (DDoS) attack are provided. It is first determined whether a traffic status of an origin server is based on the DDoS attack. When it is determined that the traffic status of the origin server is based on the DDoS attack, a DNS is requested to change an Internet protocol (IP) address of the origin server to the IP address of at least one of plural servers. Accordingly, it is possible to accept a normal service providing request and also to determined and block the DDoS attack. In addition, since a device for determining and blocking the DDoS attack need not be installed in each site or server, it is possible to efficiently determine and block the DDoS attack at reduced cost.