Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Building Internet firewalls (2nd ed.)
Building Internet firewalls (2nd ed.)
Tradeoffs in probabilistic packet marking for IP traceback
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Broadband Telecommunications Handbook, Second Edition
Broadband Telecommunications Handbook, Second Edition
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Cryptography and Network Security: Principles and Practice
Cryptography and Network Security: Principles and Practice
Design and Performance of the OpenBSD Stateful Packet Filter (pf)
Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference
Alliance formation for DDoS defense
Proceedings of the 2003 workshop on New security paradigms
A Novel Packet Marking Scheme for IP Traceback
ICPADS '04 Proceedings of the Parallel and Distributed Systems, Tenth International Conference
D-ward: source-end defense against distributed denial-of-service attacks
D-ward: source-end defense against distributed denial-of-service attacks
Probabilistic anomaly detection in distributed computer networks
Science of Computer Programming
A Framework for a Collaborative DDoS Defense
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Firewall Policies and VPN Configurations
Firewall Policies and VPN Configurations
Survey of network-based defense mechanisms countering the DoS and DDoS problems
ACM Computing Surveys (CSUR)
Computer Networks: The International Journal of Computer and Telecommunications Networking
Provider-based deterministic packet marking against distributed DoS attacks
Journal of Network and Computer Applications
Detecting anomalies in network traffic using maximum entropy estimation
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
MULTOPS: a data-structure for bandwidth attack detection
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Conflict classification and analysis of distributed firewall policies
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
This paper presents a new design for a packet filtering firewall, called Host Guard Firewall (HGF) which helps to mitigate the most pressing problems facing the global Internet It presents also a new designed Host Guard Protocol (HGP) which help to authenticate the authorized packet. The new designed HGF firewall acts in the reverse direction like a military check point that does not allow any one to cross the point without an authenticated permission. The authenticated permission here is an authentication mark given to the passing authorized packets. The HGF is used as a DoS defense system deployed at a source-end network. The HGP guarantees the authenticity between the hosts on the network. This is done by signing the trusted outgoing packets with the HGP authentication mark which is the permission of passing of these packets through the network. The HGP mark is proposed as a puzzle which is generated and identified with the same intended programs. The authentication mark could be generated and protected using electronic and encryption means at the data link layer of the open system interconnected network configuration.