Publications (1)0 Total impact
-
Conference Proceeding: Neighbor stranger discrimination: a new defense mechanism against Internet DDOS attacks
[show abstract] [hide abstract]
ABSTRACT: Summary form only given. Distributed Denials of Service (DDoS) attacks have become a real threat to the security of the Internet. Defending against DDoS is a challenging job, due to the use of IP spoofing and the destination-based routing of the Internet. Many solutions have been proposed, but none is able to completely stop an intense attack. In this paper, we propose a new defense mechanism, neighbor stranger discrimination (NSD), which is capable of stopping or significantly reducing the intensity of a DDoS attack. NSD can be incrementally deployed and satisfactory results are achieved even when it is implemented on a small percentage, 10% to 20%, of the Internet routers. The overhead of installing NSD on a certain router is low in terms of additional storage and processing load. Unlike other defense strategies, NSD produces no false positives while reducing false negatives. Being router-based, NSD also stops reflected DDoS attacks (RDDoS) since it discards the spoofed packets before they reach the reflectors.Computer Systems and Applications, 2005. The 3rd ACS/IEEE International Conference on; 02/2005
Top co-authors
Institutions
-
2005
-
American University of Beirut
- Department of Electrical and Computer Engineering
Beirut, Mohafazat Beyrouth, Lebanon
-
