Multicast routing in a datagram internetwork
Multicast routing in a datagram internetwork
SIGCOMM '93 Conference proceedings on Communications architectures, protocols and applications
Resource containers: a new facility for resource management in server systems
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Defending against denial of service attacks in Scout
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
IEEE/ACM Transactions on Networking (TON)
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Enabling conferencing applications on the internet using an overlay muilticast architecture
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
A scalable content-addressable network
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Trajectory sampling for direct traffic observation
IEEE/ACM Transactions on Networking (TON)
SNMP,SNMPV2,Snmpv3,and RMON 1 and 2
SNMP,SNMPV2,Snmpv3,and RMON 1 and 2
Defeating Distributed Denial of Service Attacks
IT Professional
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Application-Level Multicast Using Content-Addressable Networks
NGC '01 Proceedings of the Third International COST264 Workshop on Networked Group Communication
Tapestry: An Infrastructure for Fault-tolerant Wide-area Location and
Tapestry: An Infrastructure for Fault-tolerant Wide-area Location and
Scattercast: an architecture for internet broadcast distribution as an infrastructure service
Scattercast: an architecture for internet broadcast distribution as an infrastructure service
Overcast: reliable multicasting with on overlay network
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
ALMI: an application level multicast infrastructure
USITS'01 Proceedings of the 3rd conference on USENIX Symposium on Internet Technologies and Systems - Volume 3
Tracers placement for IP traceback against DDoS attacks
Proceedings of the 2006 international conference on Wireless communications and mobile computing
| Hi-index | 0.00 |
In this paper we present a distributed scalable framework to support on- demand filtering and tracing services for defeating distributed denial of service attacks. Our filtering mechanism is designed to quickly identify a set of boundary filter locations so that attack packets might be dropped as close as possible to their origin(s). We argue that precisely identifying the origins of an attack is not achievable when there is only a partial deployment of tracing nodes--as is likely to be the case in practice. Thus we present a tracing mechanism which can identify sets of candidate nodes containing attack origins. Both mechanisms leverage multicasting services to achieve scalable, responsive and robust operation, and operate with a partial and incremental deployment.Performance evaluations of proposed approaches on both real and synthetic topologies show that a small coverage of filtering and tracing components throughout a network can be effective at blocking and localizing attacks.