End-to-end routing behavior in the Internet
IEEE/ACM Transactions on Networking (TON)
Resource containers: a new facility for resource management in server systems
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Defending against denial of service attacks in Scout
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Measuring ISP topologies with rocketfuel
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Experience with EMERALD to Date
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
The OSU Flow-tools Package and CISCO NetFlow Logs
LISA '00 Proceedings of the 14th USENIX conference on System administration
Analyzing Distributed Denial of Service Tools: The Shaft Case
LISA '00 Proceedings of the 14th USENIX conference on System administration
Defensive programming: using an annotation toolkit to build DoS-resistant software
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Centertrack: an IP overlay network for tracking DoS floods
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
MULTOPS: a data-structure for bandwidth attack detection
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Mapping and visualizing the internet
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Web server support for tiered services
IEEE Network: The Magazine of Global Internetworking
On scalable attack detection in the network
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
On the difficulty of scalably detecting network attacks
Proceedings of the 11th ACM conference on Computer and communications security
Mitigating bandwidth-exhaustion attacks using congestion puzzles
Proceedings of the 11th ACM conference on Computer and communications security
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
Tabu Marking Scheme for IP Traceback
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
IP Easy-pass: a light-weight network-edge resource access control
IEEE/ACM Transactions on Networking (TON)
IEEE Transactions on Dependable and Secure Computing
A novel approach to detecting DDoS Attacks at an Early Stage
The Journal of Supercomputing
Exploiting P2P systems for DDoS attacks
InfoScale '06 Proceedings of the 1st international conference on Scalable information systems
Protecting TCP services from denial of service attacks
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
REFWA: an efficient and fair congestion control scheme for LEO satellite networks
IEEE/ACM Transactions on Networking (TON)
Dynamic probabilistic packet marking for efficient IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
A self-aware approach to denial of service defence
Computer Networks: The International Journal of Computer and Telecommunications Networking
Tabu marking scheme to speedup IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
BASE: an incrementally deployable mechanism for viable IP spoofing prevention
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Post-game estimation of game client RTT and hop count distributions
NetGames '06 Proceedings of 5th ACM SIGCOMM workshop on Network and system support for games
On scalable attack detection in the network
IEEE/ACM Transactions on Networking (TON)
The spoofer project: inferring the extent of source address filtering on the internet
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Adaptive defense against various network attacks
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Efficient and secure source authentication with packet passports
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
A Divide-and-Conquer Strategy for Thwarting Distributed Denial-of-Service Attacks
IEEE Transactions on Parallel and Distributed Systems
Building Reputations for Internet Clients
Electronic Notes in Theoretical Computer Science (ENTCS)
A light-weight distributed scheme for detecting ip prefix hijacks in real-time
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Keeping Denial-of-Service Attackers in the Dark
IEEE Transactions on Dependable and Secure Computing
Learning the valid incoming direction of IP packets
Computer Networks: The International Journal of Computer and Telecommunications Networking
Journal of Parallel and Distributed Computing
Protecting information infrastructure from DDoS attacks by MADF
International Journal of High Performance Computing and Networking
Single packet IP traceback in AS-level partial deployment scenario
International Journal of Security and Networks
Packet forwarding with source verification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Passport: secure and adoptable source authentication
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
A collaborative defense mechanism against SYN flooding attacks in IP networks
Journal of Network and Computer Applications
Network discovery from passive measurements
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Detecting DRDoS attacks by a simple response packet confirmation mechanism
Computer Communications
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part IV: ICCS 2007
Fidelity of network simulation and emulation: A case study of TCP-targeted denial of service attacks
ACM Transactions on Modeling and Computer Simulation (TOMACS)
Profit-aware overload protection in E-commerce Web sites
Journal of Network and Computer Applications
IEEE/ACM Transactions on Networking (TON)
A large-scale hidden semi-Markov model for anomaly detection on user browsing behaviors
IEEE/ACM Transactions on Networking (TON)
On the state of IP spoofing defense
ACM Transactions on Internet Technology (TOIT)
International Journal of Electronic Security and Digital Forensics
Information Security Journal: A Global Perspective
Agent-based modeling and simulation of network softbots' competition
Proceedings of the 2006 conference on Knowledge-Based Software Engineering: Proceedings of the Seventh Joint Conference on Knowledge-Based Software Engineering
On the detection of signaling DoS attacks on 3G/WiMax wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Future Generation Computer Systems
Understanding the efficacy of deployed internet source address validation filtering
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Distributed packet pairing for reflector based DDoS attack mitigation
Computer Communications
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Towards behavioral control in multi-player network games
GameNets'09 Proceedings of the First ICST international conference on Game Theory for Networks
Traceback-based Bloomfilter IPS in defending SYN flooding attack
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Request diversion: a novel mechanism to counter P2P based DDoS attacks
International Journal of Internet Protocol Technology
The automatic peer-to-peer signature for source address validation
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part I
Multi-agent framework for simulation of adaptive cooperative defense against internet attacks
AIS-ADM'07 Proceedings of the 2nd international conference on Autonomous intelligent systems: agents and data mining
Unified defense against DDoS attacks
NETWORKING'07 Proceedings of the 6th international IFIP-TC6 conference on Ad Hoc and sensor networks, wireless networks, next generation internet
RateGuard: a robust distributed denial of service (DDoS) defense system
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
JUST-google: a search engine-based defense against botnet-based DDoS attacks
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
A novel DDOS attack defending framework with minimized bilateral damages
CCNC'10 Proceedings of the 7th IEEE conference on Consumer communications and networking conference
Survey of low rate DoS attack detection mechanisms
Proceedings of the International Conference & Workshop on Emerging Trends in Technology
DMIPS: defensive mechanism against IP spoofing
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Parametric methods for anomaly detection in aggregate traffic
IEEE/ACM Transactions on Networking (TON)
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Combat model-based DDoS detection and defence using experimental testbed: a quantitative approach
International Journal of Intelligent Engineering Informatics
Simulation of internet DDoS attacks and defense
ISC'06 Proceedings of the 9th international conference on Information Security
Intelligent DDoS packet filtering in high-speed networks
ISPA'05 Proceedings of the Third international conference on Parallel and Distributed Processing and Applications
Efficient and beneficial defense against DDoS direct attack and reflector attack
ISPA'05 Proceedings of the Third international conference on Parallel and Distributed Processing and Applications
Automated immunization against denial-of-service attacks featuring stochastic packet inspection
GCC'05 Proceedings of the 4th international conference on Grid and Cooperative Computing
Safeguard information infrastructure against DDoS attacks: experiments and modeling
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Users and services in intelligent networks
AINTEC'05 Proceedings of the First Asian Internet Engineering conference on Technologies for Advanced Heterogeneous Networks
Enable a trustworthy network by source address spoofing prevention routers: a formal description
EUC'06 Proceedings of the 2006 international conference on Emerging Directions in Embedded and Ubiquitous Computing
A novel technique for detecting DDoS attacks at its early stage
ISPA'04 Proceedings of the Second international conference on Parallel and Distributed Processing and Applications
NS-2 based IP traceback simulation against reflector based DDoS attack
AIS'04 Proceedings of the 13th international conference on AI, Simulation, and Planning in High Autonomy Systems
RCS: a distributed mechanism against link flooding DDoS attacks
ICOIN'06 Proceedings of the 2006 international conference on Information Networking: advances in Data Communications and Wireless Networks
Victim-Assisted mitigation technique for TCP-Based reflector DDoS attacks
NETWORKING'05 Proceedings of the 4th IFIP-TC6 international conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communication Systems
PISA: automatic extraction of traffic signatures
NETWORKING'05 Proceedings of the 4th IFIP-TC6 international conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communication Systems
Keeping denial-of-service attackers in the dark
DISC'05 Proceedings of the 19th international conference on Distributed Computing
DDoS defense mechanisms: a new taxonomy
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Distributed defence against denial of service attacks: a practical view
VoCS'08 Proceedings of the 2008 international conference on Visions of Computer Science: BCS International Academic Conference
Classification of UDP traffic for DDoS detection
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
Tracking DDoS attacks: insights into the business of disrupting the web
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
Understanding the impact of denial of service attacks on virtual machines
Proceedings of the 2012 IEEE 20th International Workshop on Quality of Service
NSS'12 Proceedings of the 6th international conference on Network and System Security
International Journal of Information Security and Privacy
Simulation-based study of botnets and defense mechanisms against them
Journal of Computer and Systems Sciences International
Detecting IP spoofing by modelling history of IP address entry points
AIMS'13 Proceedings of the 7th IFIP WG 6.6 international conference on Autonomous Infrastructure, Management, and Security: emerging management mechanisms for the future internet - Volume 7943
DataTraffic Monitoring and Analysis
A methodology to counter DoS attacks in mobile IP communication
Mobile Information Systems
Hi-index | 0.00 |
IP spoofing has been exploited by Distributed Denial of Service (DDoS) attacks to (1) conceal flooding sources and localities in flooding traffic, and (2) coax legitimate hosts into becoming reflectors, redirecting and amplifying flooding traffic. Thus, the ability to filter spoofed IP packets near victims is essential to their own protection as well as to their avoidance of becoming involuntary DoS reflectors. Although an attacker can forge any field in the IP header, he or she cannot falsify the number of hops an IP packet takes to reach its destination. This hop-count information can be inferred from the Time-to-Live (TTL) value in the IP header. Using a mapping between IP addresses and their hop-counts to an Internet server, the server can distinguish spoofed IP packets from legitimate ones. Base on this observation, we present a novel filtering technique that is immediately deployable to weed out spoofed IP packets. Through analysis using network measurement data, we show that Hop-Count Filtering (HCF) can identify close to 90% of spoofed IP packets, and then discard them with little collateral damage. We implement and evaluate HCF in the Linux kernel, demonstrating its benefits using experimental measurements.