Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
AEGIS: An Active-Network-Powered Defense Mechanism against DDoS Attacks
IWAN '01 Proceedings of the IFIP-TC6 Third International Working Conference on Active Networks
IBAN: Intrusion Blocker Based on Active Networks
DANCE '02 Proceedings of the 2002 DARPA Active Networks Conference and Exposition
Active Network Based DDoS Defense
DANCE '02 Proceedings of the 2002 DARPA Active Networks Conference and Exposition
IEEE Security and Privacy
A detection and filter system for use against large-scale DDoS attacks in the internet backbone
IWAN'04 Proceedings of the 6th IFIP TC6 international working conference on Active networks
Distributed detection of large-scale attacks in the internet
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Anomaly-based identification of large-scale attacks
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Collaborative anomaly-based detection of large-scale internet attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
Network hazards like attacks or misbehaving nodes are still a great obstacle for network operators. Distributed denial of service attacks and worm propagations do not only affect the attacked nodes but also the network itself by wasting network resources. In wireless ad hoc networks even more hazards exist due to its self-organizing characteristic. A detection of such network hazards as early as possible enables a fast deployment of appropriate countermeasures and thereby significantly improves network operation. Our proposed detection system uses programmable network technology to deploy such a system within the network itself. Doing this without influencing the routing performance seriously demands a resource saving architecture. We therefore propose to use a hierarchical architecture which runs a very small basic stage all the time and loads specialized detection modules on demand to verify the network hazard. In this paper we introduce our system which can detect DDoS attacks, worm propagations, and wormhole attacks.