End-to-end routing behavior in the Internet
IEEE/ACM Transactions on Networking (TON)
Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
ACM Transactions on Computer Systems (TOCS)
Sustaining Availability of Web Services under Distributed Denial of Service Attacks
IEEE Transactions on Computers
AEGIS: An Active-Network-Powered Defense Mechanism against DDoS Attacks
IWAN '01 Proceedings of the IFIP-TC6 Third International Working Conference on Active Networks
A framework for classifying denial of service attacks
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Hop-count filtering: an effective defense against spoofed DDoS traffic
Proceedings of the 10th ACM conference on Computer and communications security
Alliance formation for DDoS defense
Proceedings of the 2003 workshop on New security paradigms
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
On scalable attack detection in the network
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Distinguishing between single and multi-source attacks using signal processing
Computer Networks: The International Journal of Computer and Telecommunications Networking
On the robustness of router-based denial-of-service (DoS) defense systems
ACM SIGCOMM Computer Communication Review
D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks
IEEE Transactions on Dependable and Secure Computing
Monitoring the Macroscopic Effect of DDoS Flooding Attacks
IEEE Transactions on Dependable and Secure Computing
Detecting Distributed Denial-of-Service Attacks Using Kolmogorov Complexity Metrics
Journal of Network and Systems Management
One step ahead to multisensor data fusion for DDoS detection
Journal of Computer Security - Special issue on security track at ACM symposium on applied computing 2004
Survey of network-based defense mechanisms countering the DoS and DDoS problems
ACM Computing Surveys (CSUR)
Tabu marking scheme to speedup IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
On scalable attack detection in the network
IEEE/ACM Transactions on Networking (TON)
Defense against spoofed IP traffic using hop-count filtering
IEEE/ACM Transactions on Networking (TON)
Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
Adaptive defense against various network attacks
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Protecting Grid Data Transfer Services with Active Network Interfaces
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
Collaborative Detection of DDoS Attacks over Multiple Network Domains
IEEE Transactions on Parallel and Distributed Systems
Finding hierarchical heavy hitters in data streams
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Distributed change-point detection of DDoS attacks: experimental results on DETER testbed
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
Protecting information infrastructure from DDoS attacks by MADF
International Journal of High Performance Computing and Networking
Statistical techniques for detecting traffic anomalies through packet header data
IEEE/ACM Transactions on Networking (TON)
Adaptive distributed mechanism against flooding network attacks based on machine learning
Proceedings of the 1st ACM workshop on Workshop on AISec
A comprehensive taxonomy of DDOS attacks and defense mechanism applying in a smart classification
WSEAS Transactions on Computers
Agent-based modeling and simulation of network softbots' competition
Proceedings of the 2006 conference on Knowledge-Based Software Engineering: Proceedings of the Seventh Joint Conference on Knowledge-Based Software Engineering
DDoSniffer: Detecting DDoS attack at the source agents
International Journal of Advanced Media and Communication
Detecting DDoS Attacks Using Dispersible Traffic Matrix and Weighted Moving Average
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
DDoS Attack Detection Algorithm Using IP Address Features
FAW '09 Proceedings of the 3d International Workshop on Frontiers in Algorithmics
Design of the host guard firewall for network protection
ISP'08 Proceedings of the 7th WSEAS international conference on Information security and privacy
Communities of interest for internet traffic prioritization
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Detecting distributed denial of service attacks by sharing distributed beliefs
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Simulation of dynamic honeypot based redirection to counter service level DDoS attacks
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Unified rate limiting in broadband access networks for defeating internet worms and DDoS attacks
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
An attack classification mechanism based on multiple support vector machines
ICCSA'07 Proceedings of the 2007 international conference on Computational science and Its applications - Volume Part II
Journal of Intelligent Manufacturing
Don't tread on me: moderating access to OSN data with spikestrip
WOSN'10 Proceedings of the 3rd conference on Online social networks
OverCourt: DDoS mitigation through credit-based traffic segregation and path migration
Computer Communications
The dark side of the Internet: Attacks, costs and responses
Information Systems
WDA: A Web farm Distributed Denial Of Service attack attenuator
Computer Networks: The International Journal of Computer and Telecommunications Networking
dfence: transparent network-based denial of service mitigation
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
A new and comprehensive taxonomy of DDoS attacks and defense mechanism
ISP'07 Proceedings of the 6th WSEAS international conference on Information security and privacy
Multi-stage change-point detection scheme for large-scale simultaneous events
Computer Communications
Simulation of internet DDoS attacks and defense
ISC'06 Proceedings of the 9th international conference on Information Security
Probabilistic packet filtering model to protect web server from DDoS attacks
NPC'05 Proceedings of the 2005 IFIP international conference on Network and Parallel Computing
DoS protection for a pragmatic multiservice network based on programmable networks
AN'06 Proceedings of the First IFIP TC6 international conference on Autonomic Networking
SVM approach with CTNT to detect DDoS attacks in grid computing
GCC'05 Proceedings of the 4th international conference on Grid and Cooperative Computing
Safeguard information infrastructure against DDoS attacks: experiments and modeling
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
A new DDoS detection model using multiple SVMs and TRA
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
PPF model with CTNT to defend web server from DDoS attack
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
Intrusion detection with CUSUM for TCP-Based DDoS
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
A comprehensive categorization of DDoS attack and DDoS defense techniques
ADMA'06 Proceedings of the Second international conference on Advanced Data Mining and Applications
A hypothesis testing based scalable TCP scan detection
ICOIN'06 Proceedings of the 2006 international conference on Information Networking: advances in Data Communications and Wireless Networks
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
PCAV: internet attack visualization on parallel coordinates
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
LoRDAS: a low-rate dos attack against application servers
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
A multilayer overlay network architecture for enhancing IP services availability against dos
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Classification of UDP traffic for DDoS detection
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
DDoS flooding attack detection scheme based on F-divergence
Computer Communications
SYN flooding attack detection by TCP handshake anomalies
Security and Communication Networks
Joining the Dots: Joining the dots
Network Security
A DDoS attack detection mechanism based on protocol specific traffic features
Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology
FireCol: a collaborative protection network for the detection of flooding DDoS attacks
IEEE/ACM Transactions on Networking (TON)
Dual-Level Attack Detection, Characterization and Response for Networks Under DDoS Attacks
International Journal of Mobile Computing and Multimedia Communications
Hi-index | 0.00 |
A denial-of-service bandwidth attack is an attempt to disrupt an online service by generating a traffic overload that clogs links or causes routers near the victim to crash. We propose a heuristic and a data-structure that network devices (such as routers) can use to detect (and eliminate) such attacks. With our method, each network device maintains a data-structure, MULTOPS, that monitors certain traffic characteristics. MULTOPS (MUlti-Level Tree for Online Packet Statistics) is a tree of nodes that contains packet rate statistics for subnet prefixes at different aggregation levels. The tree expands and contracts within a fixed memory budget. A network device using MULTOPS detects ongoing bandwidth attacks by the significant, disproportional difference between packet rates going to and coming from the victim or the attacker. MULTOPS-equipped routing software running on an off-the-shelf 700 Mhz Pentium III PC can process up to 340,000 packets per second.