Alliance formation for DDoS defense

Authors:
Jelena Mirkovic;Max Robinson;Peter Reiher
Affiliations:
University of Delaware, Newark, Delaware;UCLA, Los Angeles, California;UCLA, Los Angeles, California
Venue:
Proceedings of the 2003 workshop on New security paradigms
Year:
2003

Citing 14
Cited 14

Defending against denial of service attacks in Scout

OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Practical network support for IP traceback

Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Controlling high bandwidth aggregates in the network

ACM SIGCOMM Computer Communication Review
Broadcast Encryption's Bright Future

Computer
EROS: A Principle-Driven Operating System from the Ground Up

IEEE Software
SOS: secure overlay services

Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Attacking DDoS at the Source

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
A Method to Implement a Denial of Service Protection Base

ACISP '97 Proceedings of the Second Australasian Conference on Information Security and Privacy
Towards Network Denial of Service Resistant Protocols

Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures
A Formal Framework and Evaluation Method for Network Denial of Service

CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Disseminating Security Updates at Internet Scale

Disseminating Security Updates at Internet Scale
Analysis of a Denial of Service Attack on TCP

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
MULTOPS: a data-structure for bandwidth attack detection

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10

D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks

IEEE Transactions on Dependable and Secure Computing
Survey of network-based defense mechanisms countering the DoS and DDoS problems

ACM Computing Surveys (CSUR)
A Divide-and-Conquer Strategy for Thwarting Distributed Denial-of-Service Attacks

IEEE Transactions on Parallel and Distributed Systems
Large-scale IP traceback in high-speed internet: practical techniques and information-theoretic foundation

IEEE/ACM Transactions on Networking (TON)
Design of the host guard firewall for network protection

ISP'08 Proceedings of the 7th WSEAS international conference on Information security and privacy
Impact of sanitized message flows in a cooperative intrusion warning system

MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Multilateral decisions for collaborative defense against unsolicited bulk e-mail

iTrust'06 Proceedings of the 4th international conference on Trust Management
Secure overlay network design

AAIM'06 Proceedings of the Second international conference on Algorithmic Aspects in Information and Management
Distributed defense against distributed denial-of-service attacks

ICA3PP'05 Proceedings of the 6th international conference on Algorithms and Architectures for Parallel Processing
Users and services in intelligent networks

AINTEC'05 Proceedings of the First Asian Internet Engineering conference on Technologies for Advanced Heterogeneous Networks
Botnet tracking: exploring a root-cause methodology to prevent distributed denial-of-service attacks

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Review: Analyzing well-known countermeasures against distributed denial of service attacks

Computer Communications
An orchestration approach for unwanted Internet traffic identification

Computer Networks: The International Journal of Computer and Telecommunications Networking
Queue management as a DoS counter-measure?

ISC'07 Proceedings of the 10th international conference on Information Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Currently, there is no effective defense against large-scale distributed denial-of-service (DDoS) attacks. While numerous DDoS defense systems exist that offer excellent protection from specific attack types and scenarios, they can frequently be defeated by an attacker aware of their weaknesses. A necessary requirement for successful DDoS defense is wide deployment, but none of these systems can guarantee wide deployment simply because deployment depends more on market and social aspects than on the technical performance of the system.To successfully handle the DDoS threat we must abandon the current paradigm---the design of defense systems that operate in isolation---and shift toward a new paradigm, a distributed framework of heterogeneous systems that cooperate to achieve an effective defense. Heterogeneity is dictated by two major factors. First, the necessary requirements for a successful defense are detection, response and traffic differentiation. These requirements must be met at disjoint points in the Internet and require a disjoint set of functionalities from the defense systems. Second, heterogeneity is dictated by the current state of the DDoS defense field in which numerous systems exist that can offer similar performance and compete for market share. In this paper we show how the paradigm shift can be accomplished quickly and painlessly through the design of DefCOM, a distributed framework that enables the exchange of information and services between existing defense nodes.