Less harm, less worry or how to improve network security by bounding system offensiveness

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2000-January, Issue , 2000, Pages 188-195

  Bruschi, D ^a   Cavallaro, L ^a   Rosti, E ^a  

^a UNIVERSITY OF MILAN   (Italy)

Author keywords

Access control; Computer crime; Computer networks; Computer security; Internet; Intrusion detection; Law; Protection; Prototypes; Stacking

Indexed keywords

ACCESS CONTROL; COMPUTER CRIME; COMPUTER NETWORKS; DENIAL-OF-SERVICE ATTACK; INTERNET; INTRUSION DETECTION; MERCURY (METAL); SECURITY OF DATA; SECURITY SYSTEMS;

DISTRIBUTED TOOLS; LAW; PERFORMANCE IMPACT; PROTECTION; PROTOTYPES; SECURITY ARCHITECTURE; SECURITY PROBLEMS; STACKING;

NETWORK SECURITY;

EID: 84949501111     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ACSAC.2000.898872     Document Type: Conference Paper

References (16)

1. Bruschi D., Rosti E., "Disarming offense to facilitate defense," Computer Science Department TR 251-00, Università degli Studi di Milano, April 2000, to appear at "New Security Paradigms Workshop," Cork, Ireland, Sept 2000.
2. CERT-CC, "TCP SYN flooding attacks and IP Spoofing attacks," CERT Advisory CA-96.21, http://www.cert.org, 1996-98.
3. CERT-CC, "Denial of service attack via ping," CERT Advisory CA-96.26, http://www.cert.org, 1996-97.
4. CERT-CC, "IP Denial of service attacks," CERT Advisory CA-97.28, http://www.cert.org, 1997-98.
5. Dittrich D., "The DoS Project's "trinoo" distributed denial of service attack tool," http://staff.washington.edu/dittrich/misc/trinoo.analysis, 1999.
6. Dittrich D., "The "Tribe Flood Network" distributed denial of service attack tool," http://staff.washington.edu/dittrich/misc/tfn.analysis, 1999.
7. Dittrich D., "The "stacheldraht" distributed denial of service attack tool," http://staff.washington.edu/dittrich/misc/stacheldraht.analysis, 1999.
8. Ferguson P., Senie D., "Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing," Network Working Group RFC 2267, http://www.rfc-editor.org/rfc/rfc2267.txt, January 1998.
9. S. Garfinkel, E. Spafford, Practical UNIX and Internet Security, O'Reilly, 1996.
10. Huegen C., "The latest in denial of service attacks: smurfing. Description and information to minimize effects," http://users.quadrunner.com/chuegen/smurf.cgi, last update Feb. 2000.
11. J. Kleinwaechter, "The limitations of intrusion detection systems on high speed networks," presented at the "First International Workshop on Recent Advances in Intrusion Detection (RAID)," http://www.zurich.ibm.com/~dac/RAID98, Louvain La Neuve, Belgium, Sept. 1998.
12. M. Roesch, "Snort - Lightweight Intrusion Detection for Networks," Proc. of the 13th System Administration Conference - LISA '99, Seattle, WA, Nov. 1999.
13. SANS Institute, "Egress Filtering v 0.2," http://www.sans.org/y2k/egress.htm.
14. Schuba C.L., Krsul I.V., Kuhn M.G., Spafford E.H., Sundaram A., Zamboni D., "Analysis of a denial of service attack on TCP," Proc. of the 1997 IEEE Symposium on Security and Privacy, pp 208-223, Oakland, May 1997.
15. Tripunitara M.V., Dutta P., "A middleware approach to asynchronous and backward compatible detection and prevention of ARP cache poisoning," Proc. of the 15th Annual Computer Security Applications Conference, pp 303-309, Dec. 1999.
16. Wired.com, "A frenzy of hacking attacks," http://www.wired.com/news/business/0,1367,34234,00.html, Feb. 2000.