
A self-aware approach to denial of service defence

Published: 01 April 2007

Abstract

Denial of service (DoS) attacks are a serious security threat for Internet-based organisations, and effective methods are needed to detect an attack and defend the nodes being attacked in real time. We propose an autonomic approach to DoS defence based on detecting DoS flows and adaptively dropping attacking packets upstream from the node being attacked, using trace-back of the attacking flows. Our approach is based on the Cognitive Packet Network infrastructure, which uses smart packets to select paths based on Quality of Service. This approach allows the paths being used by a flow (including an attacking flow) to be identified, and also helps legitimate flows to find robust paths during an attack. We evaluate the proposed approach using a mathematical model, as well as experiments in a laboratory test-bed. We then suggest a more sophisticated defence framework based on authenticity tests as part of the detection mechanism, and on assigning priorities to incoming traffic and rate-limiting it on the basis of the outcome of these tests.



Published In
Computer Networks: The International Journal of Computer and Telecommunications Networking  Volume 51, Issue 5
April, 2007
146 pages

Publisher

Elsevier North-Holland, Inc.

United States


Author Tags

  1. Cognitive packet network
  2. Denial of service
  3. Internet
  4. Self-aware
