Thaneswaran Velauthapillai, A. Harwood, S. Karunasekera
Global Detection of Flooding-Based DDoS Attacks Using a Cooperative Overlay Network
2010 Fourth International Conference on Network and System Security, published 2010-09-01
DOI: 10.1109/NSS.2010.68 (https://doi.org/10.1109/NSS.2010.68)
Citations: 16
Abstract
Flooding-based Distributed Denial of Service (DDoS) attacks present a serious threat to the stability of the Internet. Identifying the attacks rapidly and accurately is significant for the efficient operation of Internet applications and services. Recent observations in the U.S. indicate a significant increase in cyber attacks on U.S. military information systems in 2009. Current technologies are still unable to withstand large-scale DDoS attacks. Single-point detection and response is a first step to defeat such distributed attacks. Distributed global defense systems, using a coordinated effort, go much further towards thwarting such attacks. In this paper, we propose a distributed defense infrastructure to detect DDoS attacks globally using a cooperative overlay network and a gossip-based information exchange protocol. Our NS2-based simulation results show that the proposed solution can detect attacks with a detection rate as high as 0.99 with false alarms below 0.01. This compares favorably against other widely known methods including change-point detection, TTL analysis and wavelet analysis.