A Service-oriented DDoS detection mechanism using pseudo state in a flow router
详细信息    查看全文
  • 作者:PyungKoo Park ; SeongMin Yoo ; HoYong Ryu ; Jaehyung Park…
  • 关键词:Distributed denial ; of ; service ; Flow Router ; Pseudo states
  • 刊名:Multimedia Tools and Applications
  • 出版年:2015
  • 出版时间:August 2015
  • 年:2015
  • 卷:74
  • 期:16
  • 页码:6341-6363
  • 全文大小:1,946 KB
  • 参考文献:1.BBC News, New 鈥榗yber attacks鈥?hit S Korea, 2009-07-09
    2.Bellovin SM (2000) ICMP traceback messages. Work in progress, internet draft draftbellovin-itrace-00.txt
    3.Binstock A (1996) Hashing rehashed: is RAM spped making your hashing less efficient? Dr. Dobb鈥檚 J vol. 4, no. 2
    4.Black JR Jr., Martel CU, Qi H (1998) Graph and hashing algorithms for modern architectures: Design and performance. In Proceedings of the 2nd Workshop on Algorithm Engineering (WAE鈥?8), Saarbrucken, Germany
    5.Broder A, Mitzenmacher M (2001) Using multiple hash functions to improve IP lookups. In Proceedings of the Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE INFOCOM 2001), Anchorage, AK
    6.Charette C (2011) Distributed denial of service attacks flare up. IEEE spectrum
    7.Gong C, Sarac K (2008) A more practical approach for single-packet IP traceback using packet logging and marking. IEEE Trans Parallel Distributed Syst 19:1310鈥?324View Article
    8.Hillier FS, Lieberman GJ (2001) Introduction to operations research, 7th ed. McGraw-Hill Higher Education
    9.Internet Website: http://鈥媔ta.鈥媏e.鈥媗bl.鈥媑ov/鈥媓tml/鈥媍ontrib/鈥媁orldCup.鈥媓tml
    10.Internet Website: http://鈥媤ww.鈥媍avium.鈥媍om/鈥?/span>
    11.Internet Website: http://鈥媤ww.鈥媠ablenetworks.鈥媍om/鈥媔ndex.鈥媝hp/鈥媏n/鈥?/span>
    12.Ioannidis J, Bellovin SM (2002) Implementing pushback: router-based defense against DDoS Attacks. Proc. NDSS鈥?002
    13.Jin C, Wang H, Shin KG (2003) Hop-count filtering: an effective defense against spoofed DDoS Traffic. Proceeding of the 10th ACM Conference on Computer and Communications Security
    14.Kuzmanovic A, Knightly EW (2001) Low-rate TCP-Targeted denial of service attacks and counter strategies. IEEE/ACM Transactions to Improve IP Lookups, INFOCOM 2001. Twentieth, ieeexplore.鈥媔eee.鈥媜rg
    15.Lau F, Rubin SH, Smith MH, et al. (2000) Distributed denial of service attacks. 2000 IEEE International Conference on Systems, Man, and Cybernetics
    16.Litwin W (1980) Linear hashing: a new tool for file and table addressing. In proceeding of: Sixth International Conference on Very Large Data Bases, October 1鈥?, 1980, Montreal, Quebec, Canada, Proceedings
    17.Paxson V (2006) End-to-end routing behavior in the internet. IEEE/ACM Transaction on Networking, pp. 601鈥?15
    18.Shon T, Kim Y, Lee C, et al (2005) A machine learning framework for network anomaly detection using SVM and GA. The Sixth Annual IEEE SMC
    19.Tanachaiwiwiat S, Hwang K (2003) Differential packet filtering against DDoS flood attacks. Proc. ACM Conference on Computer and Communications Security (CCS)
    20.Waldvogel M, Varghese G, Turner J (1997) Scalable high speed IP routing lookups. dl.鈥媋cm.鈥媜rg
    21.Wang H, Zhang D, Shin KG (2002) Detecting SYN Flooding Attacks. INFOCOM 2002. Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings. Vol 3, 1530鈥?539
  • 作者单位:PyungKoo Park (1)
    SeongMin Yoo (2)
    HoYong Ryu (1)
    Jaehyung Park (3)
    Cheol Hong Kim (3)
    Su-il Choi (3)
    JaeCheol Ryou (2)

    1. Communication Internet Research Lab., Network Software Research Section, Electronics and Telecommunications Research Institute, Daejeon, Republic of Korea
    2. Information Security Lab., Department of Computer Engineering, Chungnam National University, Daejeon, Republic of Korea
    3. School of Electronics and Computer Engineering, Chonnam National University, Gwangju, Republic of Korea
  • 刊物类别:Computer Science
  • 刊物主题:Multimedia Information Systems
    Computer Communication Networks
    Data Structures, Cryptology and Information Theory
    Special Purpose and Application-Based Systems
  • 出版者:Springer Netherlands
  • ISSN:1573-7721
文摘
As distributed denial-of-service (DDoS) attacks have caused serious economic and social problems, there have been numerous researches to defend against them. The current DDoS defense system relies on a dedicated security device, which is located in front of the server it is required to protect. To detect DDoS attacks, this security device compares incoming traffic to known attack patterns. Since such a defense mechanism cannot prevent an influx of attack traffic into the network, and every packet must be compared against the known attack patterns, the mechanism often degrades the service. In this paper, we propose the Service-oriented DDoS Detection Mechanism using a Pseudo State (SDM-P), which runs on network devices to defend against DDoS attacks without sacrificing performance in terms of data forwarding. The SDM-P mechanism is suitable for both low- and high-rate attacks. In addition, we verified the performance of the SDM-P mechanism by evaluating its performance using a DDoS attack similar to the one that occurred in Korea and the USA on July 7th, 2009.

© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号

地址:北京市海淀区学院路29号 邮编:100083

电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700