How to construct random functions
Journal of the ACM (JACM)
Migratory TCP: Connection Migration for Service Continuity in the Internet
ICDCS '02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS'02)
Analysis of a Denial of Service Attack on TCP
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Fine-grained failover using connection migration
USITS'01 Proceedings of the 3rd conference on USENIX Symposium on Internet Technologies and Systems - Volume 3
Design and analysis of a replicated elusive server scheme for mitigating denial of service attacks
Journal of Systems and Software - Special issue: Performance modeling and analysis of computer systems and networks
Honeypot back-propagation for mitigating spoofing distributed Denial-of-Service attacks
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Protecting information infrastructure from DDoS attacks by MADF
International Journal of High Performance Computing and Networking
Simulation of dynamic honeypot based redirection to counter service level DDoS attacks
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Honeypot back-propagation for mitigating spoofing distributed denial-of-service attacks
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Intelligent DDoS packet filtering in high-speed networks
ISPA'05 Proceedings of the Third international conference on Parallel and Distributed Processing and Applications
Dynamic Binary User-Splits to Protect Cloud Servers from DDoS Attacks
Proceedings of the Second International Conference on Innovative Computing and Cloud Computing
Hi-index | 0.01 |
The main goal of the NETSEC project is to designand implement a framework for mitigating the effects ofthe node-based and link-based DoS attacks. Our strategy employs three lines of defense. The first line ofdefense is to restrict the access to the defended servicesusing offline service subscription, encryption and othertraditional security techniques. The second line of defense is server roaming, by which we mean the migration of the service from one server to another, wherethe new server has a different IP address. Finally, eachserver and firewall(s) implement resource managementschemes as a third line of defense. For example, deploying separate input queues to allocate different classes ofservice requests. In this paper, we show our simulationstudy on the second line of defense, the server roaming. The design and procedure of the sever roaming onthe NS2 is described. The promising results of applying the server roaming to mitigate the DoS attack inthe simulation are also shown with analysis.