Thwarting DDoS attacks in grid using information divergence

Authors:
P. Varalakshmi;S. Thamarai Selvi
Affiliations:
Department of Information Technology, Madras Institute of Technology, Anna University Chromepet, Chennai-600 044 Tamil Nadu, India;Madras Institute of Technology, Anna University Chennai, Chromepet, Chennai, 600 044 Tamil Nadu, India
Venue:
Future Generation Computer Systems
Year:
2013

Citing 15
Cited 1

Intrusion detection with neural networks

NIPS '97 Proceedings of the 1997 conference on Advances in neural information processing systems 10
Roaming Honeypots for Mitigating Service-Level Denial-of-Service Attacks

ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
A taxonomy of DDoS attack and DDoS defense mechanisms

ACM SIGCOMM Computer Communication Review
Change-Point Monitoring for the Detection of DoS Attacks

IEEE Transactions on Dependable and Secure Computing
Defending against distributed denial-of-service attacks with max-min fair server-centric router throttles

IEEE/ACM Transactions on Networking (TON)
The Anatomy of the Grid: Enabling Scalable Virtual Organizations

International Journal of High Performance Computing Applications
D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks

IEEE Transactions on Dependable and Secure Computing
Filtering of Shrew DDoS Attacks in Frequency Domain

LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
PacketScore: A Statistics-Based Packet Filtering Scheme against Distributed Denial-of-Service Attacks

IEEE Transactions on Dependable and Secure Computing
Defense against spoofed IP traffic using hop-count filtering

IEEE/ACM Transactions on Networking (TON)
Combining filtering and statistical methods for anomaly detection

IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Collaborative Detection of DDoS Attacks over Multiple Network Domains

IEEE Transactions on Parallel and Distributed Systems
Statistical techniques for detecting traffic anomalies through packet header data

IEEE/ACM Transactions on Networking (TON)
Covariance-Matrix Modeling and Detecting Various Flooding Attacks

IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Intrusion Detection Routers: Design, Implementation and Evaluation Using an Experimental Testbed

IEEE Journal on Selected Areas in Communications

SHAPE--an approach for self-healing and self-protection in complex distributed networks

The Journal of Supercomputing

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Grid is an emerging resource intensive environment that aims at utilizing resources efficiently and effectively. Distributed Denial-of-Service (DDoS) attacks on the Grid can have a devastating effect since there are several resource constraints in a Grid environment. A DDoS can cause large-scale damage to resources and availability of the resources to genuine Grid users. This paper proposes a five-fold DDoS Defense Mechanism using an Information Divergence scheme that detects the attacker and discards the adversary's packets for a fixed amount of time in an organized manner. The trust value is adjusted based on the attack intensity to ensure a trustworthy system. The mitigation is carried out by limiting the bandwidth of the attacking IP instead of completely blocking the attackers IPs. With this, the job success rate is more by the proposed approach compared to completely blocking the attackers IP approach.