Proceedings Article, DOI: 10.1109/NCA.2003.1201153
Source-end DDoS defense
Jelena Mirkovic,G. Prier,Peter Reiher +2 more
- 16 Apr 2003
- pp 171-178
TL;DR: This work describes one successful design of a source-end DDoS defense system, the D-WARD system, which was implemented in a Linux router and demonstrated good service to legitimate traffic during the attack.
Abstract: A successful source-end DDoS (distributed denial-of-service) defense enables early suppression of the attack and minimizes collateral damage. However, such an approach faces many challenges: (a) distributing the attack hinders detection; (b) defense systems must guarantee good service to legitimate traffic during the attack; and (c) deployment costs and false alarm levels must be sufficiently small and effectiveness must be high to provide deployment incentive. We discuss each of the challenges and describe one successful design of a source-end DDoS defense system, the D-WARD system. D-WARD was implemented in a Linux router. We include experimental results to illustrate D-WARD's performance.
Citations
A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks
TL;DR: The primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack.
Security, Privacy, and Access Control in Information-Centric Networking: A Survey
TL;DR: In this article, the authors survey the existing literature in security and privacy in ICN and present open questions, and explore three broad areas: 1) security threats, 2) privacy risks, and 3) access control enforcement mechanisms.
253
Machine Learning Based DDoS Attack Detection from Source Side in Cloud
Zecheng He,Tianwei Zhang,Ruby B. Lee +2 more
- 26 Jun 2017
TL;DR: This paper proposes a DOS attack detection system on the source side in the cloud, based on machine learning techniques, that leverages statistical information from both the cloud server's hypervisor and the virtual machines, to prevent network packages from being sent out to the outside network.
192
Recent Advances in Attacks, Technical Challenges, Vulnerabilities and Their Countermeasures in Wireless Sensor Networks
Bharat Bhushan,Gadadhar Sahoo +1 more
TL;DR: The security threats and vulnerabilities imposed by the distinctive open nature of WSNs are examined and a comprehensive survey of various routing and middleware challenges for wireless networks is presented.
165
DDoS detection and traceback with decision tree and grey relational analysis
Yi-Chi Wu,Huei-Ru Tseng,Wuu Yang,Rong-Hong Jan +3 more
- 01 Mar 2011
TL;DR: A DDoS-detection system is proposed that is based on a decision-tree technique and, after detecting an attack, traces back to the attacker's locations with a traffic-flow pattern-matching technique; the system could detect DDoS attacks with a false positive ratio of about 1.2-2.4%.
84
References
Random early detection gateways for congestion avoidance
Sally Floyd,Van Jacobson +1 more
TL;DR: RED gateways are designed to accompany a transport-layer congestion control protocol such as TCP; they have no bias against bursty traffic and avoid the global synchronization of many connections decreasing their window at the same time.
Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing
P. Ferguson,D. Senie +1 more
- 01 Jan 1998
TL;DR: A simple, effective, and straightforward method for using ingress traffic filtering to prohibit DoS attacks which use forged IP addresses to be propagated from 'behind' an Internet Service Provider's (ISP) aggregation point is discussed.
Practical network support for IP traceback
Stefan Savage,David Wetherall,Anna R. Karlin,Thomas Anderson +3 more
- 28 Aug 2000
TL;DR: A general purpose traceback mechanism based on probabilistic packet marking in the network that allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs).
Advanced and authenticated marking schemes for IP traceback
Dawn Song,Adrian Perrig +1 more
- 22 Apr 2001
TL;DR: Two new schemes are presented, the advanced marking scheme and the authenticated marking scheme, which allow the victim to trace-back the approximate origin of spoofed IP packets and provide efficient authentication of routers' markings such that even a compromised router cannot forge or tamper markings from other uncompromised routers.
Hash-based IP traceback
Alex C. Snoeren,Craig Partridge,Luis Sanchez,Christine Elaine Jones,Fabrice Tchakountio,Stephen T. Kent,W. Timothy Strayer +6 more
- 27 Aug 2001
TL;DR: This work presents a hash-based technique for IP traceback that generates audit trails for traffic within the network, and can trace the origin of a single IP packet delivered by the network in the recent past and is implementable in current or next-generation routing hardware.
Related Papers (5)
Jelena Mirkovic,Peter Reiher +1 more
- 01 Apr 2004
Jelena Mirkovic,G. Prier,Peter Reiher +2 more
- 12 Nov 2002