2006
DOI: 10.1109/acsac.2006.5
|View full text |Cite
|
Sign up to set email alerts
|

A Framework for a Collaborative DDoS Defense

Abstract: Increasing use of the Internet for critical services makes flooding distributed denial-of-service (DDoS) a top security threat. A distributed nature of DDoS suggests that a distributed mechanism is necessary for a successful defense. Three main DDoS defense functionalities -attack detection, rate limiting and traffic differentiation -are most effective when performed at the victim-end, core and sourceend respectively. Many existing systems are successful in one aspect of defense, but none offers a comprehensiv… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
67
0

Year Published

2007
2007
2023
2023

Publication Types

Select...
5
2
1

Relationship

1
7

Authors

Journals

citations
Cited by 68 publications
(67 citation statements)
references
References 16 publications
0
67
0
Order By: Relevance
“…Internet Indirection Infrastructure (i3) [9] also uses the Chord overlay to protect applications from direct DoS attacks. Other DoS limiting overlay network architectures have been explored in, e.g., [15,23]. Most of the approaches above use traffic analysis or indirection approaches to make DoS attacks hard, but none of these would be able to survive the attackers considered in this paper since they essentially rely on the ability to protect servers from direct hits of adversarial traffic.…”
Section: Related Workmentioning
confidence: 99%
“…Internet Indirection Infrastructure (i3) [9] also uses the Chord overlay to protect applications from direct DoS attacks. Other DoS limiting overlay network architectures have been explored in, e.g., [15,23]. Most of the approaches above use traffic analysis or indirection approaches to make DoS attacks hard, but none of these would be able to survive the attackers considered in this paper since they essentially rely on the ability to protect servers from direct hits of adversarial traffic.…”
Section: Related Workmentioning
confidence: 99%
“…Oikonomou et al developed the overlay concept of defense mechanism, proposing DefCOM [35]. The authors present a defense system that is both collaborative and deployed widely by combining the advantages of end-to-end approaches, core defenses, and heterogeneous network systems.…”
Section: Network Based Defense Mechanismsmentioning
confidence: 99%
“…To defend against these botnet attacks, two kinds of defense mechanism have been proposed according to the areas that they protect: the network-based and the application-based defense mechanism. The former approach consists mainly of three technical methods: congestion control [33] [34], network configuration [22] [35], and signature filters [16] [18] [36]. On the other hand, the types of application-based defense mechanisms are much more numerous: client-puzzle [37], IRC-based [23], anomaly-based [10] [27], DNS tracking [25], and attack traffic suppression [24].…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…The dynamic decisions of the recursive traversal of the translation table graph, as well as the persistent state, help DRUID to be more adaptive and context dependent, so that various protections and compensation can be added as needed, delaying the cost of expensive mechanisms until they are of real benefit. For example, certain types of DDoS protection [37,41] require adding marks to packets and checking for those marks at various points in the network. DRUID's ability to add and remove blocks dynamically would permit inserting and removing the necessary blocks at the appropriate locations only when DDoS defense was actually required, rather than at all times.…”
Section: Issues and Challengesmentioning
confidence: 99%