On filtering of DDoS attacks based on source address prefixes

2006 Securecomm and Workshops

Volumn , Issue , 2006, Pages

  Pack, Gary ^a   Yoon, Jaeyoung ^a   Collins, Eli ^a   Estan, Cristian ^a  

^a University of Wisconsin Madison   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ATTACK PACKETS; COLLATERAL DAMAGE; DDOS ATTACKS; DISTRIBUTED DENIAL-OF-SERVICE ATTACKS; FLOODING ATTACKS; HARD PROBLEMS; INTERNET SERVICES; SOURCE ADDRESS;

INFORMATION SERVICES; INTERNET; LAWS AND LEGISLATION; PERSONAL COMPUTING; SECURITY OF DATA; TERMINOLOGY;

COMPUTER CRIME;

EID: 50049083120     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SECCOMW.2006.359537     Document Type: Conference Paper

References (33)

1. Sharad Agarwal, Travis Dawson, and Christos Tryfonas. Ddos mitigation via regional cleaning centers. Technical report, Sprint ATL Research Report RR04-ATL-013177, August 2003.
2. Katerina Argyraki and David R. Cheriton. Active internet traffic filtering: Real-time response to denial-of-service attacks. In USENIX Technical Conference, April 2005.
3. Steven Bellovin. The security flag in the ipv4 header. RFC 3514, April 2003.
4. Scott Berinato. How a bookmaker and a whiz kid took on an extortionist and won. http://www.csoonline.com/read/050105/ extortion.html, May 2005.
5. Robert Beverly and Steve Bauer. The spoofer project: Inferring the extent of internet source address filtering on the internet. In USENIX SRUTI, My 2005.
6. Cassell Bryan-Low. Hacker hitmen. http://www.wsjclassroomedition.com/ archive/ 05feb/onln_hacker.htm, February 2005.
7. Cisco. Guard XT. http://www.riverhead.com.
8. Cisco. Preparation for the attack: securing the network and the data plane. ftp://ftp-eng.cisco.com/cons/isp/security/ ISP-Security-Bootcamp- Singapore-2003/ C-Preparation-DataPlane-ACLs-v3-0.pdf.
9. Cloudshield. Service provider managed security services. http://www. cloudshield. com/what_we_do/ Arbor_peak f 1 owSP_OVW.html.
10. Thomer M. Gil and Massimiliano Poletto. Multops: a data-structure for bandwidth attack detection. In USENIX Security Symposium, July 2001.
11. Patrick Gray. DDoS attack cripples Uecomm's AU links. http://www.zdnet.com.au/news/security/ 0, 2000061744, 20273027, 00.htm, March 2003.
12. Ann Harrison. Cyberassaults hit Buy.com, eBay, CNN and Amazon. http://www.computerworld.com/news/ 2000/story/0, 11280, 43010, 00.html, February 2000.
13. C. Jin, H. Wang, and K. Shin. Hop-count filtering: An effective defense against spoofed DoS traffic, 2003.
14. Jayeon Jung, Balachander Krishnamurthy, and Michael Rabinovich. Flash crowds and denial of service attacks: Characterization and implications for CDNs and web sites. In Proceedings of WWW, May 2002.
15. Srikanth Kandula, Dina Katabi, Matthias Jacob, and Arthur Berger. Botz-4-sale: Surviving organized ddos attacks that mimic flash crowds. In NSDI, May 2005.
16. Angelos Keromytis, Vishal Misra, and Dan Rubenstein. SOS:secure overlay services. In Proceedings of the ACM SIGCOMM, August 2002.
17. Tom Killalea. Recommended internet service provider security services and procedures. RFC3013, November 2000.
18. Ratul Mahajan, Steven M. Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, and Scott Shenker. Controlling high bandwidth aggregates in the network. ACM SIGCOMM Computer Communications Review, 32(3):62-73, July 2002.
19. Jelena Mirkovic, Sven Dietrich, David Dittrich, and Peter Reiher. Internet Denial of Service Attack and Defense Mechanisms. Prentice Hall, December 2004.
20. Jelena Mirkovic, Gregory Prier, and Peter Reiher. Attacking DDoS at the source. In International Conference on Network Protocols, November 2002.
21. David Moore, Colleen Shannon, and Jeffery Brown. Code-red: a case study on the spread and victims of an internet worm. In Internet Measurement Workshop, 2002.
22. David Moore, Geoffrey M. Voelker, and Stefan Savage. Inferring internet Denial-of-Service activity. In 10th USENIX Security Symposium, 2001.
23. Arbor Networks. Peakflow. http://www.arbornetworks.com.
24. Mazu Networks. Mazu Profiler and Mazu Enforcer. http://www.mazunetworks. net.
25. Gary Pack, Jaeyoung Yoon, Eli Collins, and Cristian Estan. On filtering of DDoS attacks based on source address prefixes. Technical Report 1547, University of Wisconsin-Madison, Department of Computer Sciences, December 2005.
26. Denise Pappalardo and Ellen Messmer. Extortion via DDoS on the rise. Network World, May 2005.
27. Kihong Park and Heejo Lee. On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets. In Proceedings of the ACM SIGCOMM, August 2001.
28. Tao Peng, Christopher Leckie, and Kotagiri Ramamohanarao. Protection from distributed denial of service attack using history-based ip filtering. In IEEE International Conference on Communications, pages 482-486, May 2003.
29. Prolexic.http://www.prolexic.com/.
30. The prolexic zombie report. http://www.prolexic.com/zr/, 2005.
31. Paul Vixie, Gerry Sneeringer, and Mark Schleifer. Events of 21-oct-2002. http://d.root-servers.org/ October21.txt, November 2002.
32. Avi Yaar, Adrian Perrig, and Dawn Song. SIFF: A stateless internet flow filter to mitigate DDoS flooding attacks. In Proceedings of the IEEE Symposium on Security and Privacy, May 2004.
33. Xiaowei Yang, David Wetherall, and Thomas Anderson. A DoS-limiting network architecture. In Proceedings of the ACM SIGCOMM, August 2005.