Macquarie University ResearchOnline

Please use this identifier to cite or link to this item: http://hdl.handle.net/1959.14/8434

Title

Tracing DDoS floods : an automated approach

Related

Journal of network and systems management, Vol. 12, Issue 1, p.111-135

DOI

10.1023/B:JONS.0000015701.83726.ca

Publisher

Plenum Publisher

Date

2004

Author/Creator

Tupakula, Udaya Kiran

Author/Creator

Varadharajan, Vijay

Description

We propose a Controller-Agent model that would greatly minimize distributed denial-of-service (DDoS) attacks on the Internet. We introduce a new packet marking technique and agent design that enables us to identify the approximate source of attack (nearest router) with a single packet even in the case of attacks with spoofed source addresses. Our model is invoked only during attack times, and is able to process the victims traffic separately without disturbing other traffic, it is also able to establish different attack signatures for different attacking sources and can prevent the attack traffic at the nearest router to the attacking system. It is simple in its implementation, it has fast response for any changes in attack traffic pattern, and can be incrementally deployed. Hence we believe that the model proposed in this paper seems to be a promising approach to prevent distributed denial-of-service attacks.

Description

25 page(s)

Subject Keyword

Denial-of-Service (DoS)

Subject Keyword

DDoS

Subject Keyword

controller-agent model

Subject Keyword

packet marking

Subject Keyword

packet marking

Subject Keyword

IP traceback

Subject Keyword

congestion control

Resource Type

journal article

Organisation

Macquarie University. Dept. of Computing

---

Identifier

http://hdl.handle.net/1959.14/8434

Identifier

ISSN:1573-7705

Identifier

mq-rm-2004021659

Language

eng

Reviewed

Save/E-mail Citation

Citation Format

Plain Text Citation HTML Citation EndNote Format

E-mail Address

Subject

"Journal of network and systems management"

 

OR