Defending DDoS attacks using network traffic analysis and probabilistic packet drop

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 3252, Issue , 2004, Pages 390-397

  Seo, Jungtaek ^a   Lee, Cheolho ^a   Moon, Jongsub ^b  

^a National Security Research Institute (NSRI)   (South Korea)

^b Korea University   (South Korea)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER NETWORKS; DENIAL-OF-SERVICE ATTACK; DROPS; NETWORK ARCHITECTURE; NETWORK SECURITY; SECURITY OF DATA; TRANSMISSION CONTROL PROTOCOL;

DDOS ATTACK; DEFENSE MECHANISM; NETWORK PACKETS; NETWORK TRAFFIC; NETWORK TRAFFIC ANALYSIS; PACKET DROPS; TRAFFIC RATE; WEB SERVERS;

INTERNET PROTOCOLS;

EID: 33646829582     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-30207-0_49     Document Type: Article

References (16)

1. Braden, B., et al.: Recommendations on Queue Management and Congestion Avoidance in the Internet, RFC 2309, (1998).
2. Floyd, S., and Jacobson, V.: Random Early Detection (RED) gateway for Congestion Avoidance, IEEE/ACM Transactions on Networking, vol. 1, no. 4, (1993) 397-413.
3. Garber, L.: Denial-of-Service Attacks Rip the Internet, IEEE Computer, vol. 33(4), (2000) 12-17.
4. Gil, T.M, and Poletto, M.: MULTOPS: a data-structure for bandwidth attack detection, In Proceedings of the 10th USENIX Security Symposium, (2001) 23-38.
5. Houle, J.K., and Weaver, M.G.: Trends in Denial of Service Attack Technology, CERT Coordination Center, (2001).
6. Householder, A., Manion, A., Pesante. L., and Weaver. M.G.: Managing the Threat of Denial-of-Service Attacks, CERT Coordination Center, (2001).
7. Kargl, F., Maier, J., and Weber, M.: Protecting Web Servers from Distributed Denial of Service Attacks, In Proceedings of the 10th International Conference on World Wide Web, (2001) 514-524.
8. Kulkarni, A.B., Bush, S.F., and Evans, S.C.: Detecting Distributed Denial-of-Service Attacks Using Kolmogorov Complexity Metrics. Technical report 2001CRD176, GE Research and Development Center, (2001).
9. Lee, C., Noh, S., Choi, K., and Jung, G.: Characterizing DDoS Attacks with Traffic Rate Analysis, In Proceedings of the IADIS e-Society, vol. 1, (2003) 81-88.
10. Li, M., and Vitanyi, P.: An Introduction to Kolmogorov Complexity and Its Applications, Springer-Verlag, Section 7.6, (1997) 506-509.
11. Microsoft: Web Application Stress Tool vl.l, (2000). available-online: http://www.microsoft.com/technet/itsolutions/intranet/downloads/webstres.asp.
12. Moore, D., Voelker, G.M., and Savage, S.: Inferring Internet Denial-of-Service Activity. In Proceedings of the 10th USENIX Symposium, (2001) 9-22.
13. Packet Storm. Tribe Flood Network 2000 (TFN2K) DDoS tool, available on-line: http://packetstormsecurity.org/distributed/TFN2k_Analysis-1.3.txt.
14. Ricciuli, L., Lincoln, P., and Kakkar, P.: TCP SYN Flooding Defense, Communication Networks and Distributed Systems Modeling and Simulation, (2000).
15. Standard Performance Evaluation Corporation. SPECweb99 Benchmark, available on-line: http://www.spec.org/osg/web99.
16. Wang, H., Zhang, D., and Shin, K.G.: Detecting SYN Flooding Attacks, In Proceedings of IEEE INFOCOM - The Conference on Computer Communications, vol. 21, no. 1, (2002) 1530-1539.