CluB: a cluster based framework for mitigating distributed denial of service attacks

Authors:
Zhang Fu;Marina Papatriantafilou;Philippas Tsigas
Affiliations:
Chalmers University of Technology, Gothenburg Sweden;Chalmers University of Technology, Gothenburg Sweden;Chalmers University of Technology, Gothenburg Sweden
Venue:
Proceedings of the 2011 ACM Symposium on Applied Computing
Year:
2011

Citing 15
Cited 1

On power-law relationships of the Internet topology

Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Practical network support for IP traceback

Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Controlling high bandwidth aggregates in the network

ACM SIGCOMM Computer Communication Review
SOS: secure overlay services

Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Preventing Internet denial-of-service with capabilities

ACM SIGCOMM Computer Communication Review
A system for authenticated policy-compliant routing

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
SPV: secure path vector routing for securing BGP

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
A DoS-limiting network architecture

Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Countering DoS attacks with stateless multipath overlays

Proceedings of the 12th ACM conference on Computer and communications security
Active internet traffic filtering: real-time response to denial-of-service attacks

ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Portcullis: protecting connection setup from denial-of-capability attacks

Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Collaborative Detection of DDoS Attacks over Multiple Network Domains

IEEE Transactions on Parallel and Distributed Systems
To filter or to authorize: network-layer DoS defense against multimillion-node botnets

Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts

SRDS '08 Proceedings of the 2008 Symposium on Reliable Distributed Systems
Mitigating denial of capability attacks using sink tree based quota allocation

Proceedings of the 2010 ACM Symposium on Applied Computing

STONE: a stream-based DDoS defense framework

Proceedings of the 28th Annual ACM Symposium on Applied Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Distributed Denial of Service (DDoS) attacks are threats not only for the direct targets but also for the core of the network. They are also hard to detect in advance, hence methods to deal with them need to be proactive. By building on earlier work and improving on distribution of control aspects, we propose a Cluster Based framework, which is called CluB, to mitigate DDoS attacks; the method balances the effectiveness-overhead trade-off by addressing the issue of granularity of control in the network. CluB can collaborate with different routing policies in the network, including contemporary datagram options. We estimate the effectiveness of the framework and also study a set of factors for tuning the granularity of control.