Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
A framework for classifying denial of service attacks
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Using graphic turing tests to counter automated DDoS attacks against web servers
Proceedings of the 10th ACM conference on Computer and communications security
Hop-count filtering: an effective defense against spoofed DDoS traffic
Proceedings of the 10th ACM conference on Computer and communications security
New client puzzle outsourcing techniques for DoS resistance
Proceedings of the 11th ACM conference on Computer and communications security
Mitigating bandwidth-exhaustion attacks using congestion puzzles
Proceedings of the 11th ACM conference on Computer and communications security
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Defending against flooding-based distributed denial-of-service attacks: a tutorial
IEEE Communications Magazine
SOS: an architecture for mitigating DDoS attacks
IEEE Journal on Selected Areas in Communications
IEEE Transactions on Parallel and Distributed Systems
Information Security Journal: A Global Perspective
Hi-index | 0.00 |
Distributed Denial-of-Service (DDoS) attacks pose a serious threat to Internet security. Most current research focuses on detection and prevention methods on the victim server or source side. To date, there has been no work on defenses using valuable information from the innocent client whose IP has been used in attacking packets. In this paper, we propose a novel cooperative system for producing warning of a DDoS attack. The system consists of a client detector and a server detector. The client detector is placed on the innocent client side and uses a Bloom filter-based detection scheme to generate accurate detection results yet consumes minimal storage and computational resources. The server detector can actively assist the warning process by sending requests to innocent hosts. Simulation results show that the cooperative technique presented in this paper can yield accurate DDoS alarms at an early stage. We theoretically show the false alarm probability of the detection scheme, which is insensitive to false alarms when using specially designed evaluation functions.