DiDDeM: A system for early detection of TCP SYN flood attacks

GLOBECOM - IEEE Global Telecommunications Conference

Volumn 4, Issue , 2004, Pages 2037-2042

  Haggerty, J ^a   Berry, T ^a   Shi, Q ^a   Merabti, M ^a  

^a LIVERPOOL JOHN MOORES UNIVERSITY   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

ALGORITHMS; CONGESTION CONTROL (COMMUNICATION); INFORMATION USE; NETWORK PROTOCOLS; PROBLEM SOLVING;

CONGESTION ALGORITHMS; INTRUSION DETECTION SYSTEMS (IDS); PRE-FILTER (PF) DETECTION MODES; TRAFFIC MONITORING;

DISTRIBUTED COMPUTER SYSTEMS;

EID: 18144369239     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (17)

1. Richardson, R., '2003 CSI/FBI Computer Crime and Security Survey,' Computer Security Institute/ Federal Bureau of Investigation Technical Report, 2004, available from www.gocsi.com.
2. Moore, D., Voelker, G. M., & Savage, S. 'Inferring Internet Denial-of-Service Activity,' Proceedings of 10th Usenix Security Symposium, 2001, Washington, DC.
3. Mankins, D., Krishnan, R., Boyd, C., Zao, J., Frentz, M., 'Mitigating Distributed Denial of Service with Dynamic Resource Pricing,', Proceedings of the Annual Computer Security Applications Conference (ACSAC) 2001, New Orleans, Louisana, USA, 2001.
4. Meadows, C., 'A cost-based framework for analysis of denial of service in networks, ' Journal of Computer Security, 9, pp. 143-164, 2001.
5. Ioannidis, J., Bellovin, S. M., 'Implementing Pushback: Router-based Defense Against DdoS Attacks,' Proceedings of the Network and Distributed Systems Security Symposium, San Diego, CA, USA, 2002.
6. Kuzmanovic, A., Knightly, E. W., 'Low-Rate TCP-Targeted Denial of Service Attacks, ' Proceedings of SIGCOMM 03, Karlesruhe, Germany, 2003.
7. Lemon, J., 'Resisting SYN floods DoS attacks with a SYNcache,'. Proceedings of BSDCon 2002, Berkeley, CA, USA, 2002.
8. Schuba, C. L., Krsul, I. V., Kuhn, M. G., Spafford, E. H., Sundaram, A., Zamboni, D., 'Analysis of a Denial of Service Attack on TCP'. Proceedings of IEEE Symposium on Security and Privacy, Oakland, CA, USA, 1997.
9. Mutaf, P., 'Defending Against a Denial-of-Service Attack on TCP', Proceedings of RAID '99, 1999.
10. Huang, Y., Pullen, J. M., 'Countering Denial-of-Service Attacks Using Congestion Triggered Packet Sampling and Filtering,' in Proceedings of the 10th International Conference on Computer Communication and Networks, Scottsdale, AZ, USA, 2001.
11. Mansfield, G., Ohta, K., Takei, Y., Kato, N., Nemoto, Y., 'Towards Trapping Wily Intruders in the Large,' Computer Networks, 34(4), p. 659-670, 2000.
12. Krugel, C., Toth, T., 'Distributed Pattern Detection for Intrusion Detection,' Proceedings of the Network and Distributed System Security Symposium, San Diego, CA, USA, 2002.
13. th USENIX Security Symposium, Denver, Colorado, USA, 2000.
14. Hussain, A., Heidemann, J., Papadopoulos, C., 'A Framework for Classifying Denial of Service Attacks,' Proceedings of SIGCOMM 03, Karlesruhe, Germany, 2003.
15. Coit, C.J., Staniford, S., McAleney, J., 'Towards Faster String Matching for Intrusion Detection or Exceeding the Speed of Snort,' Proceedings of DARPA Information Survivability Conference and Exposition (DISCEX 01), Anaheim, CA, USA, 2001.
16. Floyd, S., Jacobson, V., 'Random Early Detection Gateways for Congestion Avoidance,' IEEE/ACM Transactions on Networking, 3(4), pp. 365-386, 1993.
17. Pan, R., Prabhakar, B., Psounis, K., 'CHOKe: A Stateless Active Queue Management Scheme for Approximating Fair Bandwidth Allocation', Proceedings of IEEE Infocomm, Tel Aviv, Israel, 2000.