Distributed defense of distributed DoS using pushback and communicate mechanism

Nguyen, Trung Hai; Doan, Cao Thanh; Nguyen, Van Du; Nguyen, T.P.; Doan, Minh Phuong

doi:10.1109/atc.2011.6027461

Cited by 6 publications

(6 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Sachdeva et al [2011] also identified challenges when defending from the victim network, including the computational expense of filtering traffic, the possibility of the defence tools themselves being vulnerable to DDoS, and incorrectly dropping legitimate traffic. While a variety of other approaches have been suggested (e.g., Nguyen et al [2011], Khattab et al [2003], Long et al [2004], Pandey and Pandu Rangan [2011], Wu and Yao [2007]), the current state of the art does not fully mitigate DoS attacks [Jain et al 2011;Modi et al 2013]. …”

Section: Dos Attacks and Existing Mitigation Approachesmentioning

confidence: 99%

Mitigating DoS Attacks Using Performance Model-Driven Adaptive Algorithms

Barna

Shtern

Smit

et al. 2014

ACM Trans. Auton. Adapt. Syst.

View full text Add to dashboard Cite

Denial of Service (DoS) attacks overwhelm online services, preventing legitimate users from accessing a service, often with impact on revenue or consumer trust. Approaches exist to filter network-level attacks, but application-level attacks are harder to detect at the firewall. Filtering at this level can be computationally expensive and difficult to scale, while still producing false positives that block legitimate users.This article presents a model-based adaptive architecture and algorithm for detecting DoS attacks at the web application level and mitigating them. Using a performance model to predict the impact of arriving requests, a decision engine adaptively generates rules for filtering traffic and sending suspicious traffic for further review, where the end user is given the opportunity to demonstrate they are a legitimate user. If no legitimate user responds to the challenge, the request is dropped. Experiments performed on a scalable implementation demonstrate effective mitigation of attacks launched using a real-world DoS attack tool. ACM Reference Format:Barna, C., Shtern, M., Smit, M., Tzerpos, V., and Litoiu, M. 2014. Mitigating DoS attacks using performance model-driven adaptive algorithms.

show abstract

Section: Dos Attacks and Existing Mitigation Approachesmentioning

confidence: 99%

Mitigating DoS Attacks Using Performance Model-Driven Adaptive Algorithms

Barna

Shtern

Smit

et al. 2014

ACM Trans. Auton. Adapt. Syst.

View full text Add to dashboard Cite

show abstract

“…This traffic deflection can further be utilized for traffic distribution. Nguyen et al proposed a distributed DDoS defense scheme PaC [10], which is based on "pushback and communicate" idea. PaC uses proprietary messages to inform routers closer to the attack source to filter attacks, thus distributing the attack amongst many routers and not just the edge router to the server.…”

Section: Related Workmentioning

confidence: 99%

Performance Analysis of Agent Based Distributed Defense Mechanisms Against Ddos Attacks

Singh¹,

Dhindsa²,

Bhushan³

2018

IJC

View full text Add to dashboard Cite

The current internet infrastructure is susceptible to distributed denial of service (DDoS) attacks and has no built in mechanism to defend against them. The research on these kinds of attacks and their defense is significant for the security and reliability of the internet. We have already proposed a collaborative agent based distributed DDoS defense scheme which detect and prevents against DDoS attacks in ISP (Internet Service Provider) boundaries. The actual task of defense is carried out by agents and coordinators in each ISP. The defense system works by inspecting incoming traffic on edge router and identify the happening of DDoS attacks. The agent’s implements an entropy-threshold based detection algorithm. The coordinators share attack related information with neighboring ISPs in order to achieve distributed defense. The performance of defense system is evaluated on the basis of some identified metrics. The effectiveness of the defense system is evaluated in the presence and absence of defense system. The result indicates that the proposed defense system does accurate attack detection with very few false positives and false negatives.

show abstract

“…DoS: Denial of Service). Najbardziej rozpowszechnionymi sposobami realizacji ataków DoS są ataki rozproszone Distributed Denial of Service (DDoS: [8], [4], [3], [10], liczne opisy można znaleźć w [12]).…”

Section: Domeny I Odpieranie Ataku Ddosunclassified

A Laboratory Model for Studying Federations of Cyber Defense Systems

Patkowski

2014

SBN

View full text Add to dashboard Cite

W opracowaniu naszkicowano możliwości budowy najprostszego systemu obrony federacyjnej przed atakami DDoS. Przedstawiono również wybrane rozwiązania techniczne dla takiego systemu i zaprezentowano tani model laboratoryjny do badań jego właściwości oraz zachowania się. Adekwatność modelu osiągana jest dzięki wykorzystywaniu w badaniach, jako tła, ruchu sieciowego zarejestrowanego w reprezentatywnych lub docelowych sieciach. Wskazano możliwości badań z wykorzystaniem tego modelu i uzyskania odpowiedzi na pytania potencjalnych uczestników federacji.

show abstract

Distributed defense of distributed DoS using pushback and communicate mechanism

Cited by 6 publications

References 2 publications

Mitigating DoS Attacks Using Performance Model-Driven Adaptive Algorithms

Mitigating DoS Attacks Using Performance Model-Driven Adaptive Algorithms

Performance Analysis of Agent Based Distributed Defense Mechanisms Against Ddos Attacks

A Laboratory Model for Studying Federations of Cyber Defense Systems

Contact Info

Product

Resources

About