{"title":"A Distributed Approach using Entropy to Detect DDoS Attacks in ISP Domain","authors":"Krishan Kumar, Rajesh Joshi, K. Singh","doi":"10.1109/ICSCN.2007.350758","DOIUrl":null,"url":null,"abstract":"DDoS attacks are best detected near the victim's site as maximum attack traffic converges at this point. In most of the current solutions, monitoring and analysis of traffic for DDoS detection have been carried at a single link which connects victim to ISP. However the mammoth volume generated by DDoS attacks pose the biggest challenge in terms of memory and computational overheads. These overheads make DDoS solution itself vulnerable against DDoS attacks. We propose to distribute these overheads amongst all POPs of the ISP using an ISP level traffic feature distribution based approach. An ISP level topology and well known attack tools are used for simulations in ns-2. The comparison with volume based approach clearly indicates the supremacy of the proposed methodology","PeriodicalId":257948,"journal":{"name":"2007 International Conference on Signal Processing, Communications and Networking","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-11-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"88","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Conference on Signal Processing, Communications and Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSCN.2007.350758","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 88
Abstract
DDoS attacks are best detected near the victim's site as maximum attack traffic converges at this point. In most of the current solutions, monitoring and analysis of traffic for DDoS detection have been carried at a single link which connects victim to ISP. However the mammoth volume generated by DDoS attacks pose the biggest challenge in terms of memory and computational overheads. These overheads make DDoS solution itself vulnerable against DDoS attacks. We propose to distribute these overheads amongst all POPs of the ISP using an ISP level traffic feature distribution based approach. An ISP level topology and well known attack tools are used for simulations in ns-2. The comparison with volume based approach clearly indicates the supremacy of the proposed methodology
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
