Distributed defence against denial of service attacks: a practical view

Authors:
Gulay Oke;Georgios Loukas
Affiliations:
Dept. of Electrical and Electronic Engineering, Imperial College London;Dept. of Electrical and Electronic Engineering, Imperial College London
Venue:
VoCS'08 Proceedings of the 2008 international conference on Visions of Computer Science: BCS International Academic Conference
Year:
2008

Citing 13
Cited 2

Swarm intelligence: from natural to artificial systems

Swarm intelligence: from natural to artificial systems
Measurement and performance of a cognitive packet network

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on networking middleware: selected papers from the TERENA networking conference 2001
Cognitive Packet Networks: QoS and Performance

MASCOTS '02 Proceedings of the 10th IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems
Using graphic turing tests to counter automated DDoS attacks against web servers

Proceedings of the 10th ACM conference on Computer and communications security
Hop-count filtering: an effective defense against spoofed DDoS traffic

Proceedings of the 10th ACM conference on Computer and communications security
Pattern Classification (2nd Edition)

Pattern Classification (2nd Edition)
D-ward: source-end defense against distributed denial-of-service attacks

D-ward: source-end defense against distributed denial-of-service attacks
An Autonomic Approach to Denial of Service Defence

WOWMOM '05 Proceedings of the First International IEEE WoWMoM Workshop on Autonomic Communications and Computing (ACC'05) - Volume 02
A Mathematical Theory of Communication

A Mathematical Theory of Communication
PacketScore: A Statistics-Based Packet Filtering Scheme against Distributed Denial-of-Service Attacks

IEEE Transactions on Dependable and Secure Computing
A self-aware approach to denial of service defence

Computer Networks: The International Journal of Computer and Telecommunications Networking
The Politics of DDoS Attacks

IEEE Distributed Systems Online
A Denial of Service Detector based on Maximum Likelihood Detection and the Random Neural Network

The Computer Journal

Demonstrating cognitive packet network resilience to worm attacks

Proceedings of the 17th ACM conference on Computer and communications security
Strengthening the security of cognitive packet networks

International Journal of Advanced Intelligence Paradigms

Quantified Score

Hi-index	0.00

Visualization

Abstract

In recent years, Denial of Service attacks have evolved into a predominant network security threat. In our previous work, we identified the necessary building blocks for an effective defence mechanism and suggested ways to integrate them. Here, we present the results of this integration on the DoS-resilience of a real networking testbed which runs the Self-Aware CPN routing protocol. The incoming traffic at each node is monitored with a detection mechanism that is based on maximum likelihood estimation. In response to high probability of attack, the traffic is ratelimited proportionally to the measured probability. We illustrate the results of the experiments we have performed to demonstrate the efficiency of the distributed defence system that we propose.