IEEE Transactions on Software Engineering - Special issue on computer security and privacy
A survey of intrusion detection techniques
Computers and Security
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Service specific anomaly detection for network intrusion detection
Proceedings of the 2002 ACM symposium on Applied computing
Intrusion Detection
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
IEEE/ACM Transactions on Networking (TON)
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
BlueBoX: A policy-driven, host-based intrusion detection system
ACM Transactions on Information and System Security (TISSEC)
USTAT: A Real-Time Intrusion Detection System for UNIX
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Roaming Honeypots for Mitigating Service-Level Denial-of-Service Attacks
ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Design and analysis of a replicated elusive server scheme for mitigating denial of service attacks
Journal of Systems and Software - Special issue: Performance modeling and analysis of computer systems and networks
On the difficulty of scalably detecting network attacks
Proceedings of the 11th ACM conference on Computer and communications security
Alert Correlation through Triggering Events and Common Resources
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Journal of Systems and Software
Hi-index | 0.00 |
Basic protection schemes against Denial-of-Service (DoS) are based on a perimeter-based model, where attacks are dealt with after they occur. This is quite often too late to prevent damage or loss of resources and service. The focus of this paper is to investigate a distributed defense method that can neutralize the attack before it reaches the potential target in mass. In order to effectively implement this method, this paper proposes a progressive, globally deployable sentinel scheme for data sampling, packet inspection, and DoS attack detection and recovery. A simulation framework is developed to study the performance of the proposed scheme. The results show a significant improvement in how the network deals with DoS attacks, in comparison to local DoS detection and prevention schemes.