招待講演 On Tracing and Mitigating Distributed Denial of Service Attacks
スポンサーリンク
概要
- 論文の詳細を見る
The CSI/FBI surveys have been revealing that the (distributed) denial of service ((D)DoS) attacks are still a major concern leading to a significant revenue loss for many organizations. This talk will provide a brief overview on how to trace back and defend DoS/DDoS attacks, namely, IP traceback and DDoS defense. IP traceback attempts to identify attack sources, i.e., from where the attack traffic comes. We first analyze and evaluate several recently proposed schemes, such as Probabilistic Packet Marking (PPM), iTrace, Hash-based traceback, CenterTrack, and traffic pattern based traceback. We will then present our schemes, including Deterministic Packet Marking (DPM) and Autonomous System-based Edge Marking (ASEM). DPM conducts marking only at the ingress interfaces of the edge routers, thus posing little burden on routers and reducing the router involvement. It is easy and simple to implement. DPM can also address reflective DDoS attacks as long as certain "trust" relationship is maintained between adjacent domains. On the other hand, ASEM aims to improve upon PPM and exhibits three salient benefits: 1) it significantly reduces the computational burden by introducing a new marking policy and using the optimal marking probability, 2) it completely eradicates the spoofed marking intentionally inscribed by the attacker, and 3) it is capable of handling subverted routers by coupling routing and marking information. The second part of this talk discusses DDoS defense schemes, including PacketScore, SYN flood detection, pushback, Puzzle-based defense, and Honey pot. Finally, we briefly outline our proposed comprehensive DDoS defense framework, and future works.
- 2006-09-07
著者
-
Ansari Nirwan
Advanced Networking Laboratory Department Of Electrical And Computer Engineering New Jersey Institut
-
Ansari Nirwan
Advanced Networking Laboratory Department Of Electrical And Computer Engineering New Jersey Institut
関連論文
- アドホックネットワークにおける信頼性を考慮したトポロジ構築に関する検討(アドホックNW)
- 利用可能帯域を考慮したALMツリー構築法の提案(セキュリティ,一般,オーバーレイネットワーク,VPN,DDoS,ネットワークセキュリティ,P2P通信,ネットワークソフトウェア,一般)
- 招待講演 On Tracing and Mitigating Distributed Denial of Service Attacks
- 招待講演 On Tracing and Mitigating Distributed Denial of Service Attacks
- 招待講演 On Tracing and Mitigating Distributed Denial of Service Attacks
- A New QoS Routing Framework for Solving MCP
- Credit-Based Scheduling Algorithms for Input Queued Switch