Distributed denial-of-service (DDoS) attacks remain a major security problem, and mitigating them is very hard, especially for highly distributed botnet-based attacks. Early discovery of these attacks, although challenging, is necessary to protect end users as well as expensive network infrastructure resources. In this paper, we address the problem of DDoS attacks and present the theoretical foundation, architecture, and algorithms of FireCol. The core of FireCol is composed of intrusion prevention systems (IPSs) located at the Internet service provider (ISP) level. The IPSs form virtual protection rings around the hosts to defend, and collaborate by exchanging selected traffic information. An evaluation of FireCol using extensive simulations and a real dataset is presented, showing FireCol's effectiveness and low overhead, as well as its support for incremental deployment in real networks.