Collaborative detection and filtering of shrew DDoS attacks using spectral analysis
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Collaborative Detection of DDoS Attacks over Multiple Network Domains
IEEE Transactions on Parallel and Distributed Systems
Distributed denial of service attack detection using an ensemble of neural classifier
Computer Communications
Computer Networks: The International Journal of Computer and Telecommunications Networking
DDoS flooding attack detection scheme based on F-divergence
Computer Communications
Distributed denial-of-service attack detection scheme-based joint-entropy
Security and Communication Networks
Computers and Electrical Engineering
Hi-index | 0.00 |
A community network often operates within the same ISP (Internet Service Provider) domain or the network is administered by a virtual organization spanning across multiple network domains with an established trust relationship. To counter DDoS (distributed denial-of-service) attacks in such a federated network environment, the routers can work cooperatively to raise early warning to avoid catastrophic damages. This paper proposes a collaborative architecture to detect DDoS flooding attacks. The scheme appeals, in particular, to protect networked resource centers that work as a collaboration Grid. By monitoring the distribution of suspicious traffic changes over a number of attack-transit routers, we developed a new Change-Aggregation Tree (CAT) mechanism to enable early detection of DDoS attacks on community networks. We want to detect flooding attacks as early as possible. Here, we report preliminary NS-2 simulation results on a singledomain ISP core network to prove the effectiveness of the new collaborative CAT architecture for DDoS defense. The simulated system achieved a detection rate as high as 95% with less than 1% of false positive alarms. Extensions of this architecture to cross-domain DDoS defense are discussed with further research challenges identified.