A quantitative comparison of graph-based models for Internet topology
IEEE/ACM Transactions on Networking (TON)
Controlling High-Bandwidth Flows at the Congested Router
ICNP '01 Proceedings of the Ninth International Conference on Network Protocols
On realistic network topologies for simulation
MoMeTools '03 Proceedings of the ACM SIGCOMM workshop on Models, methods and tools for reproducible network research
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
MULTOPS: a data-structure for bandwidth attack detection
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Detection and Honeypot Based Redirection to Counter DDoS Attacks in ISP Domain
IAS '07 Proceedings of the Third International Symposium on Information Assurance and Security
ISA '08 Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)
Detecting distributed denial of service attacks by sharing distributed beliefs
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
INFOCOM'96 Proceedings of the Fifteenth annual joint conference of the IEEE computer and communications societies conference on The conference on computer communications - Volume 2
Hi-index | 0.00 |
DDoS attacks aim to deny legitimate users of the services. In this paper, the authors introduce dual-level attack detection D-LAD scheme for defending against the DDoS attacks. At higher and coarse level, the macroscopic level detectors MaLAD attempt to detect congestion inducing attacks which cause apparent slowdown in network functionality. At lower and fine level, the microscopic level detectors MiLAD detect sophisticated attacks that cause network performance to degrade gracefully and stealth attacks that remain undetected in transit domain and do not impact the victim. The response mechanism then redirects the suspicious traffic of anomalous flows to honeypot trap for further evaluation. It selectively drops the attack packets and minimizes collateral damage in addressing the DDoS problem. Results demonstrate that this scheme is very effective and provides the quite demanded solution to the DDoS problem.