Distributed Denial of Service (DDoS) attacks are an important and challenging security threat. Despite the existing defence mechanisms, attackers manage to build large sets of impersonated hosts. Our approach consists of detecting DDoS attacks directly on these hosts. We classify ongoing attacks as connection attacks or bandwidth attacks. The former are defined as attacks that generate connections with four packets or fewer; the latter as attacks that create connections with traffic ratios larger than usual. We developed a software tool, DDoSniffer, which applies these principles. We show that it is capable of detecting a broad range of attacks within seconds.
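The two-class rule from the abstract, sketched as a source-host check over one observation window; this is an added example, not DDoSniffer's code. It assumes "traffic ratio" means packets sent versus packets received per connection, and the `RATIO_LIMIT` and `MIN_SHORT_CONNS` thresholds, the function names and the sample windows are all constructed for illustration.

```python
from collections import defaultdict

MAX_SHORT_PKTS = 4    # from the abstract: "four packets or fewer"
RATIO_LIMIT = 10.0    # assumption: sent/received ratio counted as "larger than usual"
MIN_SHORT_CONNS = 20  # assumption: short connections per window before alerting

def build_connections(packets, local_ip):
    """Count sent/received packets per connection, keyed from local_ip's side."""
    conns = defaultdict(lambda: {"out": 0, "in": 0})
    for proto, src, sport, dst, dport in packets:
        if src == local_ip:
            conns[(proto, sport, dst, dport)]["out"] += 1
        elif dst == local_ip:
            conns[(proto, dport, src, sport)]["in"] += 1
    return conns

def classify_window(packets, local_ip):
    """Return the set of attack classes seen in one observation window."""
    short = heavy = 0
    for c in build_connections(packets, local_ip).values():
        if c["out"] == 0:
            continue  # purely inbound traffic: this host is not the sender
        if c["out"] + c["in"] <= MAX_SHORT_PKTS:
            short += 1
        elif c["out"] / max(c["in"], 1) > RATIO_LIMIT:
            heavy += 1
    alerts = set()
    if short >= MIN_SHORT_CONNS:
        alerts.add("connection")
    if heavy:
        alerts.add("bandwidth")
    return alerts

# Constructed sample windows (documentation addresses, not real captures).
HOST, PEER = "192.0.2.10", "198.51.100.7"

def tcp_session(sport, sent, received):
    return ([("tcp", HOST, sport, PEER, 80)] * sent +
            [("tcp", PEER, 80, HOST, sport)] * received)

NORMAL = tcp_session(40000, 12, 15) + tcp_session(40001, 2, 2)
SHORT_CONNS = [("tcp", HOST, 50000 + i, PEER, 80) for i in range(30)]
ONE_WAY = ([("udp", HOST, 5353, PEER, 9)] * 200 +
           [("udp", PEER, 9, HOST, 5353)] * 2)

if __name__ == "__main__":
    for name, window in [("normal", NORMAL), ("short", SHORT_CONNS), ("one-way", ONE_WAY)]:
        print(name, sorted(classify_window(window, HOST)))
```

A handful of short connections, such as the four-packet session in `NORMAL`, stays below the alert threshold, so only a burst of them within the window is reported.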