A self-aware approach to denial of service defence

Authors:
Erol Gelenbe;George Loukas
Affiliations:
Intelligent Systems and Networks Group, Department of Electrical and Electronic Engineering, Imperial College, London SW7 2BT, United Kingdom;Intelligent Systems and Networks Group, Department of Electrical and Electronic Engineering, Imperial College, London SW7 2BT, United Kingdom
Venue:
Computer Networks: The International Journal of Computer and Telecommunications Networking
Year:
2007

Citing 14
Cited 14

Introduction to queueing networks

Introduction to queueing networks
An analysis of using reflectors for distributed denial-of-service attacks

ACM SIGCOMM Computer Communication Review
Controlling high bandwidth aggregates in the network

ACM SIGCOMM Computer Communication Review
Single-packet IP traceback

IEEE/ACM Transactions on Networking (TON)
Cognitive Packet Networks

ICTAI '99 Proceedings of the 11th IEEE International Conference on Tools with Artificial Intelligence
A framework for classifying denial of service attacks

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Cognitive Packet Networks: QoS and Performance

MASCOTS '02 Proceedings of the 10th IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems
Using graphic turing tests to counter automated DDoS attacks against web servers

Proceedings of the 10th ACM conference on Computer and communications security
Hop-count filtering: an effective defense against spoofed DDoS traffic

Proceedings of the 10th ACM conference on Computer and communications security
Defending against distributed denial-of-service attacks with max-min fair server-centric router throttles

IEEE/ACM Transactions on Networking (TON)
Autonomous Smart Routing for Network QoS

ICAC '04 Proceedings of the First International Conference on Autonomic Computing
D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks

IEEE Transactions on Dependable and Secure Computing
Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds

NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
IP traceback-based intelligent packet filtering: a novel technique for defending against Internet DDoS attacks

IEEE Transactions on Parallel and Distributed Systems

Towards lightweight and efficient DDOS attacks detection for web server

Proceedings of the 18th international conference on World wide web
Steps toward self-aware networks

Communications of the ACM - Barbara Liskov: ACM's A.M. Turing Award Winner
Demonstrating cognitive packet network resilience to worm attacks

Proceedings of the 17th ACM conference on Computer and communications security
Design of a mobile agent-based adaptive communication middleware for federations of critical infrastructure simulations

CRITIS'09 Proceedings of the 4th international conference on Critical information infrastructures security
An initiative for a classified bibliography on G-networks

Performance Evaluation
Energy packet networks: adaptive energy management for the cloud

Proceedings of the 2nd International Workshop on Cloud Computing Platforms
Distributed defence against denial of service attacks: a practical view

VoCS'08 Proceedings of the 2008 international conference on Visions of Computer Science: BCS International Academic Conference
Energy packet networks: smart electricity storage to meet surges in demand

Proceedings of the 5th International ICST Conference on Simulation Tools and Techniques
Bibliography on G-networks, negative customers and applications

Mathematical and Computer Modelling: An International Journal
A Systematic Survey of Self-Protecting Software Systems

ACM Transactions on Autonomous and Adaptive Systems (TAAS) - Special Section on Best Papers from SEAMS 2012
Modeling and evaluating of typical advanced peer-to-peer botnet

Performance Evaluation
Strengthening the security of cognitive packet networks

International Journal of Advanced Intelligence Paradigms
Modelling and analysis of gene regulatory networks based on the G-network

International Journal of Advanced Intelligence Paradigms
Multiobjective learning in the random neural network

International Journal of Advanced Intelligence Paradigms

Quantified Score

Hi-index	0.00

Visualization

Abstract

Denial of service (DoS) attacks are a serious security threat for Internet based organisations, and effective methods are needed to detect an attack and defend the nodes being attacked in real time. We propose an autonomic approach to DoS defence based on detecting DoS flows, and adaptively dropping attacking packets upstream from the node being attacked using trace-back of the attacking flows. Our approach is based on the Cognitive Packet Network infrastructure which uses smart packets to select paths based on Quality of Service. This approach allows paths being used by a flow (including an attacking flow) to be identified, and also helps legitimate flows to find robust paths during an attack. We evaluate the proposed approach using a mathematical model, as well as using experiments in a laboratory test-bed. We then suggest a more sophisticated defence framework based on authenticity tests as part of the detection mechanism, and on assigning priorities to incoming traffic and rate-limiting it on the basis of the outcome of these tests.