Design and Analysis of an Adaptive, Global Strategy for Detecting and Mitigating Distributed DoS Attacks in GRID Environments

Authors:
Taieb Znati;James Amadei;Daniel R. Pazehoski;Scott Sweeny
Affiliations:
cs.pitt.edu;cs.pitt.edu;cs.pitt.edu;cs.pitt.edu
Venue:
ANSS '06 Proceedings of the 39th annual Symposium on Simulation
Year:
2006

Citing 15
Cited 2

An Intrusion-Detection Model

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
A survey of intrusion detection techniques

Computers and Security
Practical network support for IP traceback

Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Service specific anomaly detection for network intrusion detection

Proceedings of the 2002 ACM symposium on Applied computing
Intrusion Detection

Intrusion Detection
Controlling high bandwidth aggregates in the network

ACM SIGCOMM Computer Communication Review
Single-packet IP traceback

IEEE/ACM Transactions on Networking (TON)
SOS: secure overlay services

Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
BlueBoX: A policy-driven, host-based intrusion detection system

ACM Transactions on Information and System Security (TISSEC)
USTAT: A Real-Time Intrusion Detection System for UNIX

SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Roaming Honeypots for Mitigating Service-Level Denial-of-Service Attacks

ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
A taxonomy of DDoS attack and DDoS defense mechanisms

ACM SIGCOMM Computer Communication Review
Design and analysis of a replicated elusive server scheme for mitigating denial of service attacks

Journal of Systems and Software - Special issue: Performance modeling and analysis of computer systems and networks
On the difficulty of scalably detecting network attacks

Proceedings of the 11th ACM conference on Computer and communications security
Alert Correlation through Triggering Events and Common Resources

ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference

On the Design and Performance of an Adaptive, Global Strategy for Detecting and Mitigating Distributed DoS Attacks in GRID and Collaborative Workflow Environments

Simulation
On the design of an global intrusion tolerance network architecture against the internet catastrophes

Journal of Systems and Software

Quantified Score

Hi-index	0.00

Visualization

Abstract

Basic protection schemes against Denial-of-Service (DoS) are based on a perimeter-based model, where attacks are dealt with after they occur. This is quite often too late to prevent damage or loss of resources and service. The focus of this paper is to investigate a distributed defense method that can neutralize the attack before it reaches the potential target in mass. In order to effectively implement this method, this paper proposes a progressive, globally deployable sentinel scheme for data sampling, packet inspection, and DoS attack detection and recovery. A simulation framework is developed to study the performance of the proposed scheme. The results show a significant improvement in how the network deals with DoS attacks, in comparison to local DoS detection and prevention schemes.