Efficient and beneficial defense against DDoS direct attack and reflector attack

Authors:
Yanxiang He;Wei Chen;Wenling Peng;Min Yang
Affiliations:
Computer School, The State Key Lab of Software Engineering, Wuhan University, Hubei, China;Computer School, The State Key Lab of Software Engineering, Wuhan University, Hubei, China;Computer School, The State Key Lab of Software Engineering, Wuhan University, Hubei, China;Computer School, The State Key Lab of Software Engineering, Wuhan University, Hubei, China
Venue:
ISPA'05 Proceedings of the Third international conference on Parallel and Distributed Processing and Applications
Year:
2005

Citing 10
Cited 1

Practical network support for IP traceback

Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Space/time trade-offs in hash coding with allowable errors

Communications of the ACM
Hash-based IP traceback

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
An algebraic approach to IP traceback

ACM Transactions on Information and System Security (TISSEC)
Attacking DDoS at the Source

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Analysis of a Denial of Service Attack on TCP

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Hop-count filtering: an effective defense against spoofed DDoS traffic

Proceedings of the 10th ACM conference on Computer and communications security
Resisting SYN flood DoS attacks with a SYN cache

BSDC'02 Proceedings of the BSD Conference 2002 on BSD Conference
Defending against flooding-based distributed denial-of-service attacks: a tutorial

IEEE Communications Magazine
IP traceback-based intelligent packet filtering: a novel technique for defending against Internet DDoS attacks

IEEE Transactions on Parallel and Distributed Systems

Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks

Journal of Network and Computer Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Distributed Denial-of-Service (DDoS) attacks misuse network resource and bring serious threats to the internet. Detecting DDoS at the source-end has many advantages over defense at the victim-end and intermediate-network. However, one of the main problems for source-end methods is the performance degradation brought by these methods and no direct benefit for Internet Service Provider(ISP), which discourages ISPs to deploy the defense system. We propose an efficient detection approach, which only requires limited fixed-length memory and low computation overhead but provides satisfying detection results. Our method is also beneficial because the method can not only detect direct DDoS attack for other ISPs, but also protect the ISP itself from reflector DDoS attack. The efficient and beneficial defense is practical and expected to attract more ISPs to join the cooperation. The experiments results show our approach is efficient and feasible for defense at the source-end.