Study of detection method for spoofed IP against DDoS attacks
作者: Yong-Joon Lee , Nam-Kyun Baik , Cheonshik Kim , Ching-Nung Yang
DOI: 10.1007/S00779-017-1097-Y
关键词:
摘要: Cybercriminals are learning to harness the power of simpler devices like connected cameras. In September 2016, Mirai software was used infect more than 100,000 and unleash one largest distributed denial-of-service (DDoS) attacks up that time. After this incident, many people identified multiple large coming from Internet Things (IoT) devices, CCTV cameras, described these as a new trend. A technique detect whether signal source is counterfeited in initial stage DDoS attack important. This paper proposes method for quick detection spoofed protocol (IP) during based on shelter established defend against attacks. order achieve goal, we evaluate number time-to-live hops normal traffic reference bandwidth each network accessible shelter. study, conduct an experiment using cases actual As result experiment, prove our proposed quickly detects IP.
springer.com
acm.org
sci-hub.se 参考文章(18)
Farnam Jahanian, G. Robert Malan, Matthew Smart, Defeating TCP/IP stack fingerprinting usenix security symposium. pp. 17- 17 ,(2000)
Matthew Orlinski, Matthias Wählisch, Christian Rossow, Thomas C. Schmidt, Fabrice J. Ryba, Amplification and DRDoS Attack Defense - A Survey and New Perspectives. arXiv: Networking and Internet Architecture. ,(2015)
A. Bremler-Barr, H. Levy, Spoofing prevention method international conference on computer communications. ,vol. 1, pp. 536- 547 ,(2005) , 10.1109/INFCOM.2005.1497921
LI Li, Su-bin SHEN, None, Packet track and traceback mechanism against denial of service attacks The Journal of China Universities of Posts and Telecommunications. ,vol. 15, pp. 51- 58 ,(2008) , 10.1016/S1005-8885(08)60107-7
Sunghyuck Hong, Efficient and secure DNS cyber shelter on DDoS attacks Journal of Computer Virology and Hacking Techniques. ,vol. 11, pp. 129- 136 ,(2015) , 10.1007/S11416-014-0230-Y
A. Saboor, B. Aslam, Analyses of flow based techniques to detect Distributed Denial of Service attacks international bhurban conference on applied sciences and technology. pp. 354- 362 ,(2015) , 10.1109/IBCAST.2015.7058529
A. Yaar, A. Perrig, D. Song, StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense IEEE Journal on Selected Areas in Communications. ,vol. 24, pp. 1853- 1863 ,(2006) , 10.1109/JSAC.2006.877138
Tao Peng, Christopher Leckie, Kotagiri Ramamohanarao, Survey of network-based defense mechanisms countering the DoS and DDoS problems ACM Computing Surveys. ,vol. 39, pp. 3- ,(2007) , 10.1145/1216370.1216373
Zhuqing Wan, Yongping Zhang, Tianjie Cao, Mingming Wu, Fengjian Wang, A novel Authenticated Packet Marking Scheme for IP Trace-back ieee international conference on computer science and information technology. pp. 150- 153 ,(2009) , 10.1109/ICCSIT.2009.5234375
James B. Wendt, Miodrag Potkonjak, Teng Xu, Security of IoT systems: design challenges and opportunities international conference on computer aided design. pp. 417- 423 ,(2014) , 10.5555/2691365.2691450