Protection against denial of service attacks: A survey

Computer Journal

Volumn 53, Issue 7, 2010, Pages 1020-1037

  Loukas, Georgios ^a   Öke, Gülay ^a  

^a IMPERIAL COLLEGE LONDON   (United Kingdom)

Author keywords

computer networks; denial of service; network security

Indexed keywords

DEFENCE MECHANISMS; DENIAL OF SERVICE; DENIAL OF SERVICE ATTACKS; DOS ATTACKS; DOS PROTECTION; INCOMING TRAFFIC; LITERATURE REVIEWS; MATHEMATICAL MODELLING; NETWORK RESOURCE; NEW DIRECTIONS; PROTECTION MECHANISMS; TRACEBACK;

COMPUTER CRIME; INTERNET; RESEARCH; SURVEYS; TRANSMISSION CONTROL PROTOCOL;

NETWORK SECURITY;

EID: 77955689268     PISSN: 00104620     EISSN: 14602067     Source Type: Journal    
DOI: 10.1093/comjnl/bxp078     Document Type: Article

References (114)

1. Gilgor, V. (1983) A Note on the Denial-of-Service Problem. Proc. Symp. Security and Privacy (SP'83), Oakland, CA, USA, April 25-27, pp. 139-149. IEEE Computer Society, Washington, DC, USA.
2. Morris, R.T. (1985) A Weakness in the 4.2BSD Unix TCP/IP Software. Computer Science Technical Report 117,AT&T Bell Labs, Murray Hills, NJ, USA.
3. Shipley, G. (1999) ISS RealSecure pushes past newer IDS players. Netw. Comput., 10, 95-111.
4. Tuncer, T. and Tatar,Y. (2008) Detection SYN Flooding Attacks Using Fuzzy Logic. Proc. Int. Conf. Information Security and Assurance (ISA'08), Washington, DC, USA, April 24-26, pp. 321-325. IEEE Computer Society, NewYork, NY, USA.
5. Mirkovic, J. and Reiher, P. (2005) D-WARD: A source-end defense against flooding denial-of-service attacks. IEEE Trans. Dependable Secur. Comput., 2, 216-232.
6. Asosheh, A. and Ramezani, N. (2008) A comprehensive taxonomy of DDoS attacks and defense mechanism applying in a smart classification. WSEAS Trans. Comput., 7, 281-290.
7. Mirkovic, J., Dietrich, S., Dittrich, D. and Reiher, P. (2004) Internet Denial of Service Attack and Defense Mechanisms (1st edn). Prentice-Hall PTR, NJ, USA.
8. Paxson,V. (2001) An analysis of using reflectors for distributed denial-of-service attacks. ACMSIGCOMMs Comput. Commun. Rev., 31, 38-47.
9. Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S. and Weaver, N. (2003) Inside the slammer worm. IEEE Secur. Priv., 1, 33-39.
10. Hemenway, K. and Calishain, T. (2003) Spidering Hacks. O'Reilly & Associates, Sebastopol, CA, USA.
11. Goucher, W. (2009) The tipping point. Comput. Fraud Secur., 1, 11-13.
12. Lesk, M. (2007) The new front line: Estonia under cyberassault. IEEE Secur. Priv., 5, 76-79.
13. Jalili, R., Imani-Mehr, F., Amini, M. and Shahriari, H.-R. (2005) Detection of distributed denial of service attacks using statistical pre-processor and unsupervised neural networks. Lect. Notes Comput. Sci., 3439, 192-203.
14. Gavrilis, D. and Dermatas, E. (2005) Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features. Comput. Netw. ISDN Syst., 48, 235-245.
15. Gavrilis, D., Tsoulos, I. and Dermatas, E. (2004) Feature selection for robust detection of distributed denial-of-service attacks using genetic algorithms. Lect. Notes Artif. Intell., 3025, 276-281.
16. Ng,W., Chan, A.,Yeung, D. and Tsang, E. (2006) Construction of high precision RBFNN with low false alarm for detecting flooding based denial of service attacks using stochastic sensitivity measure. Lect. Notes Artif. Intell., 3930, 851-860.
17. Chan, A., Ng, W., Yeung, D.S. and Tsang, E. (2005) Multiple classifier system with feature grouping for intrusion detection: Mutual information approach. Lect. Notes Artif. Intell., 3683, 141-148.
18. Chan, A., Yeung, D., Tsang, E. and Ng, W. (2006) Empirical study on fusion methods using ensemble of RBFNN for network intrusion detection. Lect. Notes Artif. Intell., 3930, 682-690.
19. Giacinto, G., Roli, F. and Didaci, L. (2003) Fusion of multiple classifiers for intrusion detection in computer networks. Pattern Recognit. Lett., 24, 1795-1803.
20. Mukkamala, S., Sung, A.H. and Abraham, A. (2005) Intrusion detection using an ensemble of intelligent paradigms. J. Netw. Comput. Appl., 28, 167-182.
21. Noh, S., Lee, C., Choi, K. and Jung, G. (2003) Detecting distributed denial of service (DDoS) attacks through inductive learning. Lect. Notes Comput. Sci., 2690, 286-295.
22. Öke, G. and Loukas, G. (2007) A denial of service detector based on maximum likelihood detection and the random neural network. Comput. J., 50, 717-727.
23. Gelenbe, E. (1993) Learning in the recurrent random neural network. Neural Comput., 5, 154-164.
24. Kim, M., Na, H. Chae, K., Bang, H., and Na, J. (2004) A combined data mining approach for DDoS attack detection. Lect. Notes Comput. Sci., 3090, 943-950.
25. Siaterlis, C. and Maglaris, B. (2004) Towards Multisensor Data Fusion for DoS Detection. Proc. Symp. Applied Computing (SAC'04), Nicosia, Cyprus, March 14-17, pp. 439-446. ACM, NewYork, NY, USA.
26. He, H., Luo, X. and Liu, B. (2005) Detecting anomalous network traffic with combined fuzzy-based approaches. Lect. Notes Comput. Sci., 3645, 433-442.
27. Lee, S., Kim,Y., Lee, B., Kang, S. andYoun, C. (2005)A probe detection model using the analysis of the fuzzy cognitive maps. Lect. Notes Comput. Sci., 3480, 320-328.
28. Wei, W., Dong, Y., Lu, D. and Jin, G. (2006) Combining cross-correlation and fuzzy classification to detect distributed denial-of-service attacks. Lect. Notes Comput. Sci., 3994, 57-64.
29. Mukkamala, S. and Sung, A.H. (2004) Computational Intelligent Techniques for Detecting Denial of Service Attacks. Proc. Conf. Innovations in Applied Artificial Intelligence (IEA/AIE'04), Ottawa, Canada, May 17-20, pp. 616-624. Springer, Berlin, Germany.
30. Sung, A. and Mukkamala, S. (2004) The feature selection and intrusion detection problems. Lect. Notes Comput. Sci., 3321, 468-482.
31. Mukkamala, S., Xu, D. and Sung, A. (2006) Intrusion detection based on behaviour mining and machine learning techniques. Lect. Notes Artif. Intell., 4031, 619-628.
32. Uhlig, S. and Bonaventure, O. (2001) Understanding the longterm self-similarity of internet traffic. Lect. Notes Comput. Sci., 2156, 286-298.
33. Xiang,Y., Lin,Y., Lei,W. and Huang, S. (2004) DetectingDDOS attack based on network self-similarity. IEE Proc., Commun., 151, 292-295.
34. Feinstein, L., Schnackenberg, D., Balupari, R. and Kindred, D. (2003) Statistical Approaches to DDoS Attack Detection and Response. Proc. Information Survivability Conf. Exposition (DISCEX-III), Washington, DC, April 22-24, pp. 303-314. DARPA, Arlington, VA, USA.
35. Li, M., Chi, C.-H. and Long, D. (2004) Fractional Gaussian noise: A tool for characterizing traffic for detection purpose. Lect. Notes Comput. Sci., 3309, 94-103.
36. Li, M. (2004)Anapproach to reliably identifying signs ofDDOS flood attacks based on LRD traffic pattern recognition. Comput. Secur., 23, 549-558.
37. Tsybakov, B. and Georganas, N. (1998) Self-similar processes in communications networks. IEEE Trans. Inf. Theory, 44, 1713-1725.
38. Wang, H., Zhang, D. and Shin, K. (2002) Detecting SYN Flooding Attacks. Proc. INFOCOM'02, New York, NY, USA, June 23-27, pp. 1530-1539. IEEE Communications Society, NewYork, NY, USA.
39. Siris, V. and Papagalou, F. (2004) Application of Anomaly Detection Algorithms for Detecting SYN Flooding Attacks. Proc. GLOBECOM'04, Dallas, TX, USA, November 29- December 3, pp. 2050-2054.
40. Leu, F. and Yang, W. (2005) Intrusion detection with CUSUM for TCP-based DDoS. Lect. Notes Comput. Sci., 3823, 1255-1264.
41. Gu, R., Yan, P., Zou, T. and Guo, C. (2005) An automatic and generic early-bird system for internet backbone based on traffic anomaly detection. Lect. Notes Comput. Sci., 3420, 740-748.
42. Kulkarni, A. and Bush, S. (2006) Detecting distributed denial of service attacks using kolmogorov complexity metrics. J. Netw. Syst. Manage., 14, 69-80.
43. Furuya, F., Matsuzaki, T. and Matsuura, K. (2005) Detection of unknown DoS attacks by Kolmogorov-complexity fluctuation. Lect. Notes Comput. Sci., 3822, 395-406.
44. Lee, K., Kim, J., Kwon, K.H., Han, Y. and Kim, S. (2008) DDoS attack detection method using cluster analysis. Expert Syst. Appl., 34, 1659-1665.
45. Li, L. and Lee, G. (2005) DDoS attack detection and wavelets. Telecommun. Syst., 28, 435-451.
46. Yang, X., Liu, Y., Zeng, M. and Shi, Y. (2004) A Novel DDoS Attack Detecting Algorithm Based on the Continuous Wavelet Transform. Proc. Advanced Workshop on Content Computing (AWCC'04), Zhen Jiang, Jiang Su, China, November 15-17, pp. 173-181.
47. Lu,W. and Ghorbani, A.A. (2009) Network anomaly detection based on wavelet analysis. EURASIP J. Adv. Signal Process., 2009, 1-16.
48. Kim, S.S. and Reddy, A.L.N. (2008) Statistical techniques for detecting traffic anomalies through packet header data. IEEE/ACM Trans. Netw., 16, 562-575.
49. Peng, T., Leckie, C. and Ramamohanarao, K. (2003) Detecting distributed denial of service attacks by sharing distributed belief. Lect. Notes Comput. Sci., 2727, 214-225.
50. Cetnarowicz, K. and Rojek, G. (2004) Behavior based detection of unfavourable resource. Lect. Notes Comput. Sci., 3038, 607-614.
51. Seo, H.S. and Cho, T.H. (2002) Modeling and Simulation for Detecting a Distributed Denial of Service Attack. Proc. Australian Joint Conf. Artificial Intelligence (AI'02), Canberra, Australia, September 16-21.
52. Hussain, A., Heidemann, J. and Papadopoulos, C. (2003) A Framework for Classifying Denial of Service Attacks. Proc. Conf. Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM'03), Karlsruhe, Germany, August 25-29, pp. 99-110. ACM, New York, NY, USA.
53. Gelenbe, E., Lent, R. and Nunez,A. (2004) Self-aware networks and QoS. Proc. IEEE, 92, 1478-1489.
54. Jing, S., Wang, H. and Shin, K. (2003) Hop-count filtering an effective defense against spoofed traffic. Proc. Int. Conf. Computer and Communications Security (CCS'03), Washington, DC, USA, October 27-30, pp. 30-41. ACM, New York, NY, USA.
55. Kim,Y., Lau,W., Chuah, M. and Chao, H. (2006) PacketScore: A statistics-based packet filtering scheme against distributed denial-of-service attacks. IEEE Trans. Dependable Secur. Comput., 3, 141-155.
56. Ayres, P., Sun, H., Chao, H. and Lau,W. (2006) ALPi: a DDoS defence system for high-speed networks. IEEE J. Sel. Areas Commun., 24, 1864-1876.
57. Sisalem, D., Kuthan, J. and Ehlert, S. (2006) Denial of service attacks targeting a sip voip infrastructure: attack scenarios and prevention mechanisms. IEEE Netw., 20, 26-31.
58. Jung, J., Krishnamurthy, B. and Rabinovich, M. (2002) Flash Crowds and Denial of Service Attacks: Characterization and Implications for CDNs andWeb Sites. Proc. Conf. World Wide Web (WWW'02), Honolulu, HI, USA, May 7-11, pp. 553-561. ACM, NewYork, NY, USA.
59. Morein,W.G., Stavrou, A., Cook, D.L., Keromytis, A.D., Misra, V. and Rubenstein, D. (2003) Using Graphic Turing Tests to Counter Automated DDoS Attacks Against Web Servers. Proc. Conf. Computer and Communications Security (CCS'03), Washington, DC, USA, October 27-30, pp. 8-19. ACM, New York, NY, USA.
60. Kandula, S., Katabi, D., Jacob, M. and Berger, A. (2005) Botz-4-sale: Surviving Organized DDoS Attacks that Mimic Flash Crowds. Proc. Symp. Networked Systems Design and Implementation (NDSI'05), Houston, TX, USA, April 4-6, pp. 287-300. USENIX Association, Berkeley, CA, USA.
61. Mori, G. and Malik, J. (2003) Recognizing Objects in Adversarial Clutter-Breaking aVisualCAPTCHA.Proc. Conf. ComputerVision andPattern Recognition (CVPR'03), Madison, WI, USA, June 16-22, pp. 134-141.
62. Gao, Z. and Ansari, N. (2006) Differentiating malicious DDoS attack traffic from normal TCP flows by proactive tests. Commun. Lett., 10, 793-795.
63. Thomas, R., Mark, B., Johnson, T. and Croall, J. (2003) Netbouncer: Client-Legitimacy-Based High-Performance DDoS Filtering. Proc. Information Survivability Conf. Exposition (DISCEX-III),Washington, DC, USA, April 22-24, pp. 14-25. DARPA, Arlington, VA, USA.
64. Juels, A. and Brainard, J. (1999) Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks. Proc. Network and Distributed System Security Symp. (NDSS'99), San Diego, CA, USA, February, pp. 151-165. The Internet Society,Washington, DC, USA.
65. Aura, T., Nikander, P. and Leiwo, J. (2001) DOS-resistant authentication with client puzzles. Lect. Notes Comput. Sci., 2133, 170-177.
66. Wang, X. and Reiter, M.K. (2003) Defending Against Denialof- Service Attacks with Puzzle Auctions. Proc. Symp. Security and Privacy (SP'03),Washington, DC, USA, pp. 78-92. IEEE Computer Society, NewYork, NY, USA.
67. Wang, X. and Reiter, M.K. (2008) A multi-layer framework for puzzle-based denial-of-service defense. Int. J. Inf. Secur., 7, 243-263.
68. Khattab, S., Gobriel, S., Melhem, R. and Mosse, D. (2008) Live Baiting for Service-Level DOS Attackers. Proc. INFOCOM'08, Dublin, Ireland, April 13-19, pp. 171-175. IEEE Communications Society, NewYork, NY, USA.
69. Dobson, S., Denazis, S., Fernandez, A., Gaiti, D., Gelenbe, E., Massacri, F., Nixon, P., Saffre, F., Schmidt, N. and Zambonelli, F. (2006) A survey of autonomic communications. ACM Trans. Auton. Adapt. Syst., 1, 223-259.
70. Mahajan, R., Bellovin, S.M., Floyd, S., Ioannidis, J., Paxson,V. and Shenker, S. (2002) Controlling high bandwidth aggregates in the network. ACM SIGCOMM Comput. Commun. Rev., 32, 62-73.
71. Ioannidis, J. and Bellovin, S. (2002) Implementing Pushback: Router-Based Defense Against DDoS Attacks. Proc. Network and Distributed System Security Symp. (NDSS'02), San Diego, CA, USA, February 6-8, pp. 1-12. The Internet Society, Washington, DC, USA.
72. Keromytis, A.D., Misra, V. and Rubenstein, D. (2002) SOS: Secure Overlay Services. Proc. Conf. Applications, Technologies, Architectures, and Protocols for Computer Communications SIGCOMM'02, Pittsburgh, PA, USA, August 19-23, pp. 61-72. ACM, NewYork, NY, USA.
73. Andersen, D. (2004) Mayday: Distributed DoS filtering for internet services. ACM SIGCOMM Comput. Commun. Rev., 34, 39-44.
74. Mankins, D., Krishnan, R., Boyd, C., Zao, J. and Frentz, M. (2001) Mitigating Distributed Denial of Service Attacks with Dynamic Resource Pricing. Proc. Annual Computer Security Applications Conf. (ACSAC'01), Washington, DC, USA, December 10-14, pp. 411-421. IEEE Computer Society, NewYork, NY, USA.
75. Garg, A. and Reddy, A.N. (2004) Mitigation of DoS attacks throughQoSregulation. Microprocess. Microsyst., 28, 521-530.
76. Brustoloni, J. (2002) Protecting Electronic Commerce from Distributed Denial-of-Service Attacks. Proc. Conf. World Wide Web (WWW'02), Honolulu, HI, USA, May 7-11, pp. 553-561. ACM, NewYork, NY, USA.
77. Khattab, S., Sangpachatanaruk, C., Znati, T., Melhern, R. and Mosse, D. (2003) Proactive Server Roaming for Mitigating Denial-of-Service Attacks. Proc. Conf. Information Technology Research and Education (ITRE'03), Newark, NJ, USA, August 10-13, pp. 1-5.
78. Khattab, S., Sangpachatanaruk, C., Moss, D., Melhem, R. and Znati, T. (2004) Roaming Honeypots for Mitigating Service- Level Denial-of-Service Attacks. Proc. Int. Conf. Distributed Computing Systems (ICDCS'04), Washington, DC, USA, pp. 328-337. IEEE Computer Society, NewYork, NY, USA.
79. Mirkovic, J., Reiher, P. and Robinson, M. (2003) Forming Alliance for DDoS Defense. Proc. New Security Paradigms Workshop, Centro Stefano Francini, Ascona, Switzerland.
80. Papadopoulos, C., Lindell, R., Mehringer, J., Hussain, A. and Govindan, R. (2003) COSSACK: Coordinated Suppression of Simultaneous Attacks. Proc. Information Survivability Conf. Exposition (DISCEX-III),Washington, DC, USA, April 22-24, pp. 2-13. DARPA, Arlington, VA, USA.
81. Kuzmanovic, A. and Knightly, E.W. (2006) Low-rate TCPtargeted denial of service attacks and counter strategies. IEEE/ACM Trans. Netw., 14, 683-696.
82. Shevtekar, A., Anantharam, K. and Ansari, N. (2005) Low-rate TCP denial-of-service attack detection at edge routers. IEEE Commun. Lett., 9, 363-365.
83. Sarat, S. and Terzis, A. (2005) On the Effect of Router Buffer Sizes on Low-Rate Denial of Service Attacks. Proc. Int. Conf. Computer Communications and Networks (ICCCN'05), San Diego, CA, October 17-19. IEEE Computer Society, Washington, DC, USA.
84. Chen, Y. and Hwang, K. (2006) Collaborative detection and filtering of shrew DDoS attacks using spectral analysis. J. Parallel Distrib. Comput., 66, 1137-1151.
85. Ranjan, S.,Swaminathan, R., Uysal, M., Nucci,A. and Knightly, E. (2009) DDoS-shield: DDoS-resilient scheduling to counter application layer attacks. IEEE/ACM Trans. Netw., 17, 26-39.
86. Gelenbe, E. (2005) Users and services in intelligent networks. Lect. Notes Comput. Sci., 3837, 30-45.
87. Gelenbe, E., Lent, R. and Xu, Z. (2001) Measurement and performance of a cognitive packet network. J. Comput. Netw., 37, 691-701.
88. Sakellari, G. (2009) The cognitive packet network: a survey. Comput. J.: Special Issue on Random Neural Networks, doi: 10.1093/comjnl/bxp053.
89. Gelenbe, E., Lent, R., Montuori, A. and Xu, Z. (2002) Cognitive Packet Networks: QoS and Performance. Proc. IEEE Int. Symp. Modelling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS'02), Ft. Worth, TX, USA, October, pp. 3-12. IEEE, NewYork, NY, USA.
90. Sakellari, G. and Gelenbe, E. (2009) Adaptive Resilience of the Cognitive Packet Network the Presence of Network Worms. Proc. NATO Symp. C3I for Crisis, Emergency and Consequence Management, Bucharest, Romania, May 11-12. NATO Research & Technology Organisation.
91. Sakellari, G., Gelenbe, E. and D'Arienzo, M. (2008) Admission of QoS aware users a smart network. ACMTrans. Auton. Adapt. Syst., 3, 1-28.
92. Sakellari, G. and Gelenbe, E. (2008) A Multiple Criteria, Measurement-Based Admission Control Mechanism for Self- Aware Networks. Proc. Third Int. Conf. Communications and Networking China (CHINACOM'08), Hangzhou, China,August 25-27, pp. 1060-1064. IEEE, NewYork, NY, USA.
93. Gelenbe, E., Gellman, M. and Loukas, G. (2004) Defending Networks Against Denial of Service Attacks. Proc. Conf. Optics/Photonics in Security and Defence (SPIE'04), London, UK, October 25,Vol. 5611, pp. 233-243. SPIE, BellinghamWA, USA.
94. Gelenbe, E., Gellman, M. and Loukas, G. (2005)AnAutonomic Approach to Denial of Service Defence. Proc. WoWMoM Workshop on Autonomic Communications and Computing (WoWMoM/ACC'05), Taormina, Italy, June 13-16, pp. 537- 541. IEEE Computer Society, NewYork, NY, USA.
95. Gelenbe, E. and Loukas, G. (2007) Self-aware approach to denial of service defence. Comput. Netw., 51, 1299-1314.
96. Ferguson, P. and Senie, D. (2000) Network Ingress Filtering: Defeating Denial of Service Attacks which Employ IP Source Address Spoofing. RFC 2827, Internet Engineering Task Force, USA.
97. Savage, S., Wetherall, D., Karlin, A. and Anderson, T. (2000) Practical Network Support for IP Traceback. Proc. Conf. Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM'00), Stockholm, Sweden, August 28-September 1, pp. 295-306. ACM, New York, NY, USA.
98. Song, D. and Perrig, A. (2001) Advanced and Authenticated Marking Schemes for IP Traceback. Proc. INFOCOM'01, Anchorage, AK, USA, April 22-26, pp. 878-886. IEEE Communications Society, NewYork, NY, USA.
99. Snoeren, A.C. (2001) Hash-Based IP Traceback. Proc. Conf. Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM'01), San Diego, CA, USA, August 27-31, pp. 3-14. ACM, NewYork, NY, USA.
100. Dean, D., Franklin, M. and Stubblefield, A. (2002)An algebraic approach to IP traceback. ACM Trans. Inf. Syst. Secur., 5, 119-137.
101. Snoeren, A.C., Partridge, C., Sanchez, L.A., Jones, C.E., Tchakountio, F., Schwartz, B., Kent, S.T. and Strayer, W.T. (2002) Single-packet IP traceback. IEEE/ACMTrans. Netw., 10, 721-734.
102. Sung, M. and Xu, J. (2002) IP Traceback-Based Intelligent Packet Filtering: A Novel Technique for Defending Against Internet DDoS Attacks. Proc. Int. Conf. Network Protocols (ICNP'02), Paris, France, November 12-15, pp. 302-311. IEEE Computer Society,Washington, DC, USA.
103. Aljifri, H. (2003) IP traceback: a new denial-of-service deterrent? IEEE Secur. Priv., 1, 24-31.
104. Burch, H. (2000) Tracing Anonymous Packets to their Approximate Source. Proc. Conf. System Administration (LISA'00), New Orleans, LA, USA, December 3-8, pp. 319- 328. USENIX Association, Berkeley, CA, USA.
105. Song, D. and Perrig, A. (2000) Advanced and Authenticated Marking Schemes for IP Traceback. Technical Report UCB/CSD-00-1107, University of California, Berkeley, USA.
106. Bellovin, S. (2000). ICMP traceback messages. Internet Draft: draft-bellovin-itrace-00.txt.
107. Tupakula, U. andVaradharajan,V. (2006) Analysis of Traceback Techniques. In Safavi-Naini, R., Steketee, C. and Susilo, W. (eds), Proc. Australasian Information SecurityWorkshop AISWNetSec' 06, Hobart, Australia, pp. 115-124.
108. Sanchez, L., Milliken, W., Snoeren, A., Tchakountio, F., Jones, C., Kent, S., Partridge, C. and Strayer, W. (2001) Hardware Support for a Hash-Based IP Traceback. Proc. Information Survivability Conf. Exposition II (DISCEX-II), Anaheim, CA, June 12-14, pp. 146-152. DARPA, Arlington, VA, USA.
109. Gong, C. and Sarac, K. (2008) A more practical approach for single-packet IP traceback using packet logging and marking. IEEE Trans. Parallel Distrib. Syst., 19, 1310-1324.
110. Laufer, R.P., Velloso, P.B., Cunha, D., Moraes, I.M., Bicudo, M.D., Moreira, M.D. and Duarte, O. (2007) Towards Stateless Single-Packet IP Traceback. Proc. Conf. Local Computer Networks (LCN'07),Washington, DC, USA, pp. 548-555. IEEE Computer Society, NewYork, NY, USA.
111. Castelucio, A., Salles, R. and Ziviani, A. (2009) An AS-level overlay network for IP traceback. Network (special Issue on recent developments in network intrusion detection), 23, 36-41.
112. Aissani, A. (2008) Queueing Analysis for Networks Under DoS Attack. Proc. Int. Conf. Computational Science and its Applications (ICCSA'08), Part II, Perugia, Italy, June 30-July 3, pp. 500-513. Springer, Berlin/Heidelberg, Germany.
113. Yau, D., Lui, J., Liang, F. andYam,Y. (2005) Defending against distributed denial-of-service attacks with max-min fair servercentric router throttles. IEEE/ACM Trans. Netw., 13, 29-42.
114. Hussain, A., Heidemann, J. and Papadopoulos, C. (2006) Identification of Repeated Denial of Service Attacks. Proc. INFOCOM'06, Barcelona, Spain, April 23-29, pp. 1-15. IEEE Communications Society, NewYork, NY, USA.