Defending Against Slave And Reflector Attacks With Deterministic Edge Router Marking (DERM)
نویسندگان
چکیده
Identifying the sources of a Distributed Denial-ofService (DDoS) attack is among the hardest problems in the Internet security area. Use of reflectors in a DDoS attack makes the problem particularly difficult as the actual sources of attack (slaves) are camouflaged. In this paper we propose a modification to the traceback of Multiple Hash DERM [13], an effective deterrent against DDoS attacks. The proposed modification DERM Traceback Module, helps the victim not only in perpacket filtering of the attack traffic but also in identifying the nature of the attack and tracking the actual slaves involved in reflector attacks and mixed DDoS attacks. As in [13], the marking procedure at routers is simple, bandwidth overhead is nil, processing requirements at the victim are minimal, and a limited number of packets are required to carry out the traceback procedure.
منابع مشابه
Possible Intrusions’ Ip Trace-back in Cloud Computing Environment
Defending against distributed denial-of-service attacks is one of the hardest security problems on the Internet today. One difficulty to-wards these attacks is to trace the source of the attacks as the attackers intentionally use spoofed IP source addresses to disguise from the true origin. The IP Trace-back in cloud environment is like an Advanced Marking Scheme and the Authenticated Marking S...
متن کاملProtection from distributed denial of service attacks using history-based IP filtering
In this paper, we introduce a practical scheme to defend against Distributed Denial of Service (DDoS) attacks based on IP source address filtering. The edge router keeps a history of all the legitimate IP addresses which have previously appeared in the network. When the edge router is overloaded, this history is used to decide whether to admit an incoming IP packet. Unlike other proposals to de...
متن کاملDefending Against Distributed Denial of Service Attacks Using Selective Pushback
In this paper, we introduce a router-based system to defend against Distributed Denial of Service (DDoS) attacks. DDoS attacks are treated as a congestioncontrol problem. The main issue is to identify the congestion and then pushback a packet filter to the router closest to the source that causes congestion. Unlike previous approaches, we propose an anomaly detection scheme using source informa...
متن کاملAdvanced and Authenticated Marking Schemes for IP Traceback
Defending against distributed denial-of-service attacks is one of the hardest security problems on the Internet today. One difficulty to thwart these attacks is to trace the source of the attacks because they often use incorrect, or spoofed IP source addresses to disguise the true origin. In this paper, we present two new schemes, the Advanced Marking Scheme and the Authenticated Marking Scheme...
متن کاملScheme of Defending Against DDoS Attacks in Large-Scale ISP Networks
A scheme that defending against distributed denial of service (DDoS) attacks adopts the mechanism of Distribution-based Secure Overlay Nodes (DSON) to a large-scale ISP (Internet Service Provider) network is presented. The scheme uses local BPG announcement to divert traffic to the overlay network when experiencing high load, then filtering algorithm based on the technology of signal processing...
متن کامل