Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A method for modeling and quantifying the security attributes of intrusion tolerant systems
Performance Evaluation - Dependable systems and networks-performance and dependability symposium (DSN-PDS) 2002: Selected papers
D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks
IEEE Transactions on Dependable and Secure Computing
Filtering of Shrew DDoS Attacks in Frequency Domain
LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
IEEE Transactions on Dependable and Secure Computing
A Framework for a Collaborative DDoS Defense
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Proactive model for Mitigating Internet Denial-of-Service Attacks
ITNG '07 Proceedings of the International Conference on Information Technology
A queueing analysis for the denial of service (DoS) attacks in computer networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
Distributed denial of service attacks are the serious candidates for traffic analysis next to traffic performance evaluation. As these threats deplete the network resources rapidly particularly link parameters, modeling these attacks provide a strong base for analyzing the attack characteristics. The solution domain uses active networks for implementation, as it supports active routers which can perform customized tasks on demand and ease of deploying. The paper presents a model based on packet attributes to characterize the attack traffic and a detection and response framework based on the model. The detection mechanism uses leaky buckets to rate limit the traffic based on the packet ranking using linear arithmetic. The simulation results depicting the attack traffic passed through the network as well as the legitimate traffic dropped at the active routers, under different attack scenarios, are found to be comparable to existing solutions with improved efficiency in detection rate and time.