Hello guys,
I’ve been working on an RTS game and now I need to add network support.
I’m using a UDP socket. I’ll have at most 8~15 players per server instance, and I’m doing it this way to implement some security:
1- UDPClient connects to UDPServer; per session, UDPServer creates one AESKEY and AESIV.
2- UDPClient sends packet requesting AESKEY and AESIV.
3- UDPServer sends packet containing AESKEY and AESIV to UDPClient.
4- UDPClient generates a random string, encrypts it and sends the packet to UDPServer. UDPServer decrypts it and sends a packet containing the decrypted string back to UDPClient.
5- UDPClient receives the packet and compares it with the random string it generated. If they match, the connection is OK and “SECURE” to transfer data.
- All packets are sent with compression, to minimize network impact.
My problem is: how do I identify a UDP flood (DDoS) on the server?
In my current test, I’m doing it this way:
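    // Time elapsed since this session's previous packet
    long NowTicks = DateTime.Now.Ticks,
         sub = NowTicks - session.LastPacketTime;
    double TotalMiliseconds = TimeSpan.FromTicks(sub).TotalMilliseconds;
    // Count the packet as flood if it arrived less than 100 ms after the previous one
    if (TotalMiliseconds < 100)
    {
        session.Flood++;
    }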
If the last packet (before the current one) was sent 0.1s before, I consider this packet as flood.
If the session reaches 50+ flood packets, the server will not parse any more packets from the client.
I need to deny the packet from the client, and not stop parsing it. Does anyone know a way to do it on UDP?
On the server I’m using System.Net.Sockets.UdpClient.
On the client I’m using System.Net.Sockets.Socket.
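
An added example, not part of the original post: UDP has no connection to refuse, so a server built on UdpClient can only discard a datagram as early as possible after receiving it, before any decryption, decompression or parsing. The sketch below replaces the fixed 100 ms gap test with a per-sender token bucket that tolerates short bursts; `FloodGuard`, `Allow` and the rate, burst and block thresholds are hypothetical names and values chosen for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;

// Hypothetical helper: one token bucket per remote endpoint.
sealed class FloodGuard
{
    private sealed class Bucket { public double Tokens; public long LastTicks; public int Dropped; }
    private readonly Dictionary<IPEndPoint, Bucket> _buckets = new Dictionary<IPEndPoint, Bucket>();
    private readonly double _ratePerSec, _burst;
    private readonly int _banAfter;

    public FloodGuard(double ratePerSec, double burst, int banAfter)
    { _ratePerSec = ratePerSec; _burst = burst; _banAfter = banAfter; }

    // Call right after Receive(), before decrypting, decompressing or parsing.
    // UDP source addresses can be spoofed, so a real server should also cap _buckets.Count.
    public bool Allow(IPEndPoint sender, long nowTicks)
    {
        if (!_buckets.TryGetValue(sender, out Bucket b))
            _buckets[sender] = b = new Bucket { Tokens = _burst, LastTicks = nowTicks };
        if (b.Dropped >= _banAfter) return false;   // sender stays blocked for this process

        // Refill in proportion to elapsed time, capped at the burst size.
        double elapsed = Math.Max(0, TimeSpan.FromTicks(nowTicks - b.LastTicks).TotalSeconds);
        b.LastTicks = nowTicks;
        b.Tokens = Math.Min(_burst, b.Tokens + elapsed * _ratePerSec);

        if (b.Tokens >= 1.0) { b.Tokens -= 1.0; return true; }
        b.Dropped++;                                // over the rate: count and discard
        return false;
    }
}

static class Demo
{
    static void Main()
    {
        var guard = new FloodGuard(ratePerSec: 30, burst: 10, banAfter: 50);
        var peer = new IPEndPoint(IPAddress.Parse("192.0.2.10"), 40000); // constructed address
        long t = 0; int accepted = 0;
        for (int i = 0; i < 100; i++, t += TimeSpan.TicksPerMillisecond) // 100 packets, 1 ms apart
            if (guard.Allow(peer, t)) accepted++;
        Console.WriteLine($"accepted {accepted} of 100");
    }
}
```

In a receive loop, pass the endpoint filled in by `UdpClient.Receive(ref remote)` together with `DateTime.UtcNow.Ticks`. Dropping in the application still costs bandwidth and a socket read, so a sender that stays blocked is better filtered at the host firewall or upstream.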