{"title":"Distributed Defence Against Denial of Service Attacks: A Practical View","authors":"Gülay Öke Günel, G. Loukas","doi":"10.14236/EWIC/VOCS2008.14","DOIUrl":null,"url":null,"abstract":"In recent years, Denial of Service attacks have evolved into a predominant network security threat. In our previous work, we identified the necessary building blocks for an effective defence mechanism and suggested ways to integrate them. Here, we present the results of this integration on the DoS-resilience of a real networking testbed which runs the Self-Aware CPN routing protocol. The incoming traffic at each node is monitored with a detection mechanism that is based on maximum likelihood estimation. In response to high probability of attack, the traffic is ratelimited proportionally to the measured probability. We illustrate the results of the experiments we have performed to demonstrate the efficiency of the distributed defence system that we propose.","PeriodicalId":247606,"journal":{"name":"BCS International Academic Conference","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-09-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"BCS International Academic Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.14236/EWIC/VOCS2008.14","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
In recent years, Denial of Service attacks have evolved into a predominant network security threat. In our previous work, we identified the necessary building blocks for an effective defence mechanism and suggested ways to integrate them. Here, we present the results of this integration on the DoS-resilience of a real networking testbed which runs the Self-Aware CPN routing protocol. The incoming traffic at each node is monitored with a detection mechanism that is based on maximum likelihood estimation. In response to high probability of attack, the traffic is ratelimited proportionally to the measured probability. We illustrate the results of the experiments we have performed to demonstrate the efficiency of the distributed defence system that we propose.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
