Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. This paper introduces a DDoS defense scheme that supports automated online attack characterizations and accurate attack packet discarding based on statistical processing. The key idea is to prioritize a packet based on a score which estimates its legitimacy given the attribute values it carries. Once the score of a packet is computed, this scheme performs score-based selective packet discarding where the dropping threshold is dynamically adjusted based on the score distribution of recent incoming packets and the current level of system overload. This paper describes the design and evaluation of automated attack characterizations, selective packet discarding, and an overload control process. Special considerations are made to ensure that the scheme is amenable to high-speed hardware implementation through scorebook generation and pipeline processing. A simulation study indicates that PacketScore is very effective in blocking several different attack types under many different conditions.
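The score-then-discard loop described in the abstract can be sketched as follows. This is an added example, not code from the paper: the log-ratio score, the four-attribute set, the `floor` value and the constructed traffic are all assumptions chosen for illustration.

```python
import math
from collections import Counter

ATTRS = ("proto", "dport", "ttl", "size")  # assumed attribute set, not from the paper

def profile(packets):
    """Relative frequency of every value seen, per attribute."""
    n = len(packets)
    return {a: {v: c / n for v, c in Counter(p[a] for p in packets).items()}
            for a in ATTRS}

def score(pkt, nominal, measured, floor=1e-3):
    """Sum of log(baseline share / current share); low means over-represented now."""
    return sum(math.log(nominal[a].get(pkt[a], floor) / measured[a].get(pkt[a], floor))
               for a in ATTRS)

def drop_threshold(scores, offered_pps, capacity_pps):
    """Score cut-off taken from the recent score distribution and the overload level."""
    if offered_pps <= capacity_pps:
        return -math.inf                      # no overload: discard nothing
    drop_fraction = 1.0 - capacity_pps / offered_pps
    ranked = sorted(scores)
    return ranked[min(int(drop_fraction * len(ranked)), len(ranked) - 1)]

def filter_window(window, nominal, offered_pps, capacity_pps):
    """Score one window of packets and keep those at or above the cut-off."""
    measured = profile(window)
    scores = [score(p, nominal, measured) for p in window]
    cutoff = drop_threshold(scores, offered_pps, capacity_pps)
    return [p for p, s in zip(window, scores) if s >= cutoff], cutoff

def pkt(proto, dport, ttl, size, label):
    return {"proto": proto, "dport": dport, "ttl": ttl, "size": size, "label": label}

# Constructed traffic: 100 baseline packets, then the same mix plus a 300-packet flood.
BASELINE = ([pkt("tcp", 443, 64, 1500, "legit")] * 50 +
            [pkt("tcp", 80, 128, 576, "legit")] * 30 +
            [pkt("udp", 53, 64, 80, "legit")] * 20)
FLOOD = [pkt("udp", 53, 250, 512, "flood")] * 300

if __name__ == "__main__":
    kept, cutoff = filter_window(BASELINE + FLOOD, profile(BASELINE), 400, 100)
    print(len(kept), Counter(p["label"] for p in kept), round(cutoff, 3))
```

The baseline DNS packets share protocol and port with the flood but survive because their TTL and size still match the baseline. Packets tied at the cut-off are all kept, so the output rate can exceed capacity when many packets share one score.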