2nd Workshop on Steps to Reducing Unwanted Traffic on the Internet (sruti '06) the Rising Tide: Ddos from Defective Designs and Defaults Efficient and Secure Source Authenti- Cation with Packet Passports Cookies along Trust-boundaries: Accurate and Deployable Flood Protection
نویسنده
چکیده
Rob Thomas of Team Cymru began the workshop with a scintillating keynote address on the underground economy. Although much of the research community working on unwanted traffic issues has focused on technical aspects of various subproblems, Rob brought his direct experience with ongoing study of the underground economy dominated by the criminal elements trading in credit cards, passwords, and the like. He painted a grim picture of the underground economy and stressed the need for a closer examination of activities common in that world that are largely unknown to the research community.
منابع مشابه
Cookies Along Trust-Boundaries (CAT): Accurate and Deployable Flood Protection
Packet floods targeting a victim’s incoming bandwidth are notoriously difficult to defend against. While a number of solutions have been proposed, such as network capabilities, thirdparty traffic scrubbing, and overlay-based protection, most suffer from drawbacks that limit their applicability in practice. We propose CAT, a new network-based flood protection scheme. In CAT, all flows must perfo...
متن کاملThe Rising Tide: DDoS from Defective Designs and Defaults
We consider the phenomenon of distributed denial of service attacks that occur through design defects (and poorly chosen defaults) in legitimately operated, entirely secure systems. Particular reference is made to a recently discovered “attack” on stratum 1 Network Time Protocol servers by routers manufactured by D-Link for the consumer market, the latest example of incidents that stretch back ...
متن کاملHF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملReducing Unwanted Traffic in a Backbone Network
This paper studies the techniques a backbone ISP can employ to reduce unwanted traffic on its network. For this purpose, we extract likely sources of exploit (thus unwanted) traffic from packet traces collected on backbone links using an Internet traffic behavior profiling methodology we developed earlier. We first study the characteristics of exploit traffic from several aspects, such as netwo...
متن کاملFeature Extraction to Identify Network Traffic with Considering Packet Loss Effects
There are huge petitions of network traffic coming from various applications on Internet. In dealing with this volume of network traffic, network management plays a crucial rule. Traffic classification is a basic technique which is used by Internet service providers (ISP) to manage network resources and to guarantee Internet security. In addition, growing bandwidth usage, at one hand, and limit...
متن کامل