Scalable Network-Layer Defense Against Internet Bandwidth-Flooding Attacks
نویسندگان
چکیده
منابع مشابه
Self-managing defense against SYN-flooding attacks
SYN-flooding attack uses the weakness available in TCP’s three-way handshake process to keep it from handling legitimate requests. This attack causes the victim host to populate its backlog queue with forged TCP connections. In other words it increases PSA (probability of success of attack) and decreases BUE (buffer utilization efficiency) in the victim host and results to decreased performance...
متن کاملCooperative Defense against Network Attacks
Distributed denial of service (DDoS) attacks on the Internet have become an immediate problem. As DDoS streams do not have common characteristics, currently available intrusion detection systems (IDS) can not detect them accurately. As a result, defend DDoS attacks based on current available IDS will dramatically affect legitimate traffic. In this paper, we propose a distributed approach to def...
متن کاملDistributed Learning Mechanism Against Flooding Network Attacks
Adaptive techniques based on machine learning and data mining are gaining relevance in selfmanagement and self-defense for networks and distributed systems. In this paper, we focus on early detection and stopping of distributed flooding attacks and network abuses. We extend the framework proposed by Zhang and Parashar (2006) to cooperatively detect and react to abnormal behaviors before the tar...
متن کاملDefense against SYN Flooding Attacks: A Scheduling Approach
The TCP connection management protocol sets a position for a classic Denial of Service (DoS) attack, called the SYN flooding attack. In this attack attacker sends a large number of TCP SYN segments, without completing the third handshaking step to quickly exhaust connection resources of the victim server. Therefore it keeps TCP from handling legitimate requests. This paper proposes that SYN flo...
متن کاملDiCoDefense: Distributed Collaborative Defense against DDoS Flooding attacks
Detecting Distributed Denial of Service (DDoS) flooding attacks as soon as possible before they affect the victims, identifying the sources of the attacks, and finally stopping them by blocking or rate limiting the attack traffic is the ultimate goal of current defense mechanisms. The success in detecting and responding to DDoS flooding attacks is highly dependent on the data monitored by the e...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE/ACM Transactions on Networking
سال: 2009
ISSN: 1063-6692,1558-2566
DOI: 10.1109/tnet.2008.2007431