Abstraction-based intrusion detection in distributed environments
ACM Transactions on Information and System Security (TISSEC)
IP Traceback: A New Denial-of-Service Deterrent?
IEEE Security and Privacy
Self-configuring network traffic generation
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
Perimeter-Based Defense against High Bandwidth DDoS Attacks
IEEE Transactions on Parallel and Distributed Systems
D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks
IEEE Transactions on Dependable and Secure Computing
Denial-of-Service Attack-Detection Techniques
IEEE Internet Computing
On the Effectiveness of Secure Overlay Forwarding Systems under Intelligent Distributed DoS Attacks
IEEE Transactions on Parallel and Distributed Systems
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Collaborative detection and filtering of shrew DDoS attacks using spectral analysis
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
MULTOPS: a data-structure for bandwidth attack detection
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Hybrid Intrusion Detection with Weighted Signature Generation over Anomalous Internet Episodes
IEEE Transactions on Dependable and Secure Computing
Collaborative Detection of DDoS Attacks over Multiple Network Domains
IEEE Transactions on Parallel and Distributed Systems
Detecting distributed denial of service attacks by sharing distributed beliefs
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Benchmarks for DDoS defense evaluation
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Anomaly-Based intrusion detection algorithms for wireless networks
WWIC'10 Proceedings of the 8th international conference on Wired/Wireless Internet Communications
Hi-index | 0.00 |
It is highly desired to detect the DDoS flooding attacks at an early stage in order to launch effective countermeasures timely. We have developed a distributed change-point detection scheme to detect flooding type DDoS attacks over multiple network domains. The approach is to monitor the spatiotemporal pattern of the attack traffic. We have simulated the new defense system on the DETER testbed. The new scheme is proven scalable to cover hundreds of ISP-controlled network domains. With 4 network domains working collaboratively, we achieved on the DETER testbed a 98% detection rate with less than 1% false alarms.