Implementing filtering and traceback mechanism for packet-marking IP-traceback schemes against DDoS attacks
ABSTRACT In this paper we present two packet marking schemes that can be used against distributed denial of service attacks. We describe the architectural details of the filtering and traceback mechanism that is deployed on the victimpsilas network and show how the components utilize the packet markings to effectively stop ongoing DDoS attacks.
- [Show abstract] [Hide abstract]
ABSTRACT: Embedded Systems account for a wide range of products and are employed in various heterogeneous domains, including but not limited to: industrial systems (e.g. manufacturing plants), critical environments (e.g. military and avionics) nomadic environments (e.g. personal wearable nodes), private spaces (e.g. residences) and public infrastructures (e.g. airports). These devices often need to access, store, manipulate and/or communicate sensitive or even critical information, making the security of their resources and services an imperative concern in their design. The problem is exacerbated by their resource constraints, their diversified application settings, frequently requiring unattended operation in physically insecure environments and dynamic network formulation, in conjunction with the ever-present need for smaller size and lower production costs. This paper provides an overview of the challenges in Embedded Systems security, pertaining to node hardware and software as well as relevant network protocols and cryptographic algorithms, presents recent advances in the field and identifies opportunities for future research.10th International Symposium on Ambient Intelligence and Embedded Systems, AMIES 2011; 09/2011
Conference Paper: Embedded Systems Security Challenges[Show abstract] [Hide abstract]
ABSTRACT: In a world of pervasive computing, embedded systems can be found in a wide range of products and are employed in various heterogeneous domains. The abovementioned devices often need to access, store, manipulate and/or communicate sensitive or even critical information, making the security of their resources and services an important concern in their design process. These issues are further exacerbated by the resource-constrained nature of the devices, in conjunction with the ever-present need for smaller size and lower production costs. This paper aims to provide an overview of the challenges in designing secure embedded systems, covering both node hardware and software issues, as well as relevant network protocols and cryptographic algorithms. Moreover, recent advances in the field are identified, highlighting opportunities for future research.Measurable security for Embedded Computing and Communication Systems (MeSeCCS 2014), within the International Conference on Pervasive and Embedded Computing and Communication Systems (PECCS 2014), Lisbon, Portugal; 01/2014
- [Show abstract] [Hide abstract]
ABSTRACT: Bandwidth abuse is a critical Internet service violation. However, its origins are difficult to detect and trace given similarities between abusive and normal traffic. So far, there is no capable and scalable mechanism to deal with bandwidth abuse. This paper proposes a distributed edge-to-edge model for monitoring service level agreement (SLA) violations and tracing abusive traffic to its origins. The mechanism of policing misbehaving user traffic at a single random early detection (RED) gateway is used in the distributed monitoring of SLA violations, including violations carried out through several gateways. Each RED gateway reports misbehaving users who have been sent notifications of traffic policing to an SLA monitoring unit. Misbehaving users are considered suspicious users and their consumed bandwidth shares are aggregated at every gateway to be compared with SLA-specified ratios. Bandwidth is abused when SLA-specified ratios are exceeded. By reporting bandwidth abuse, illegitimate users can be isolated from legitimate ones and source hosts of abusive traffic may be traced. Approximate simulation results show that the proposed model can detect any SLA violation and identify abusive users. In addition, the proposed model can trace user violations back to their source machines in real time.Journal of Network and Systems Management 06/2013; 21(2). · 0.43 Impact Factor