Cisco IOS 12.0 Quality of Service
Cisco IOS 12.0 Quality of Service
Properties and prediction of flow statistics from sampled packet streams
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Gigascope: a stream database for network applications
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
PRIMED: community-of-interest-based DDoS mitigation
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Analyzing large DDoS attacks using multiple data sources
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
MULTOPS: a data-structure for bandwidth attack detection
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Wide-scale botnet detection and characterization
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Minimizing collateral damage by proactive surge protection
Proceedings of the 2007 workshop on Large scale attack defense
Mouse Trapping: A Flow Data Reduction Method
ICIMP '08 Proceedings of the 2008 The Third International Conference on Internet Monitoring and Protection
Analysis of communities of interest in data networks
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
IEEE Network: The Magazine of Global Internetworking
Review: A survey of network flow applications
Journal of Network and Computer Applications
| Hi-index | 0.00 |
Communities of Interest (COI) have been studied in the past to classify traffic within an enterprise network, and to mitigate denial-of-service (DoS) attacks. We investigate the use of Communities of Interest (COIs) to prioritize known good traffic on the Internet. Under our system, an ISP may construct a COI for each of its enterprise customers. The COI would contain entities which have previously had good communications with the customer. These COIs could then be used in combination with traffic differentiating mechanisms during periods of heavy traffic in order to prioritize traffic from communicating entities known to be good. We show that it is possible to construct an effective COI from information which would be available to an ISP about its customers, specifically sampled Netflow data. We investigate various heuristics to determine which flows actually represent good traffic whose endpoint should be inserted into the COI, and show that our heuristics are effective in differentiating wanted and unwanted traffic.