A Novel Technique for Detecting DDoS Attacks at Its Early Stage
作者: Bin Xiao , Wei Chen , Yanxiang He
DOI: 10.1007/978-3-540-30566-8_96
关键词:
摘要: Spoofing source IP addresses is always utilized to perform Distributed Denial-of-Service (DDoS) attacks. Most of current detection and prevention methods against DDoS ignore the innocent side, whose as spoofed by attacker. In this paper, a novel method has been proposed direct attacks, which consists two components: client detector server detector. The cooperation those components their interactive behavior lead an early stage attack. From result experiments, approach presented in paper yields accurate alarms at stage. Furthermore, such insensitive false suspect with adopted evaluation functions.
springer.com
acm.org
sci-hub.st 参考文章(13)
Steven Michael Bellovin, John Ioannidis, Implementing Pushback : Router-Based Defense Against DDoS Attacks network and distributed system security symposium. ,(2002) , 10.7916/D8R78MXV
Geoffrey M. Voelker, Stefan Savage, David Moore, Inferring internet denial-of-service activity usenix security symposium. pp. 2- 2 ,(2001)
Steven Bellovin, Marcus Leech, Tom Taylor, ICMP Traceback Messages Internet Draft: draft-bellovin-itrace-00. txt. ,(2003) , 10.7916/D8FF406R
D. Senie, P. Ferguson, Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing RFC 2827-BCP 38. ,vol. 2267, pp. 1- 10 ,(1998)
Minho Sung, Jun Xu, IP traceback-based intelligent packet filtering: a novel technique for defending against Internet DDoS attacks IEEE Transactions on Parallel and Distributed Systems. ,vol. 14, pp. 861- 872 ,(2003) , 10.1109/TPDS.2003.1233709
Cheng Jin, Haining Wang, Kang G. Shin, Hop-count filtering: an effective defense against spoofed DDoS traffic computer and communications security. pp. 30- 41 ,(2003) , 10.1145/948109.948116
R.K.C. Chang, Defending against flooding-based distributed denial-of-service attacks: a tutorial IEEE Communications Magazine. ,vol. 40, pp. 42- 51 ,(2002) , 10.1109/MCOM.2002.1039856
Y.W. Chen, Study on the prevention of SYN flooding by using traffic policing network operations and management symposium. pp. 593- 604 ,(2000) , 10.1109/NOMS.2000.830416
A. Yaar, A. Perrig, D. Song, SIFF: a stateless Internet flow filter to mitigate DDoS flooding attacks ieee symposium on security and privacy. pp. 130- 143 ,(2004) , 10.1109/SECPRI.2004.1301320
Alex C. Snoeren, Hash-based IP traceback Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications - SIGCOMM '01. ,vol. 31, pp. 3- 14 ,(2001) , 10.1145/383059.383060