VPNshield: Protecing VPN Services from Denial-of-Service (DoS) Attacks
نویسندگان
چکیده
Employing survivability techniques developed by Architecture Technology Corporation (ATC) under the DARPA OASIS program, VPNshield implements DoSresistant (or survivable) VPNs that provide continuous, uninterrupted operation of VPN services in spite of access link flooding attacks. In contrast to existing infrastructurebased approaches for detecting and countering these attacks, the VPNshield approach relies on survivability techniques that are implemented within the edge networks. That is, the survivability mechanisms associated with this approach require no modifications or additions to equipment in the core network infrastructure owned by the service provider.
منابع مشابه
Ingress Filtering at Edge Network to Protect Vpn Service from Dos Attack
Internet Protocol (IP) examines only the packet header to forward the packet but it does not examine the data in it. As internet is open to public, the seeking for sensitive data by the attacker has increased. It has become a necessity to protect data through the Internet. Virtual Private Network (VPN) is a popular service to logically construct private network using the existing public infrast...
متن کاملMitigating Strategy to Shield the VPN Service from DoS Attack
The exponential growth of internet and drastic enhancement in telecommunication has made the Internet a part of every aspect in the world. Internet is now the heart of the day to day business dealings throughout the world. This has increased the seeking for sensitive data by the attacker. This in turn increased the necessity to protect data through the Internet. Virtual Private Network (VPN) is...
متن کاملAutomated Analysis of Internet Key Exchange Protocol v2 for Denial of Service Attacks
The Denial of service (DoS) and Distributed Denial of Service (DDoS) attacks are aimed at maliciously consuming the available resources in computing systems to prevent genuine users from legitimately accessing them. These attacks can easily interrupt or disable targeted systems, so it is important for the system to detect and filter bogus connection requests as early as possible. Many common pr...
متن کاملHF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملDetecting Denial of Service Message Flooding Attacks in SIP based Services
Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol (SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation deficiencies cause some security concerns in SIP based infra...
متن کامل