219
IRUS Total
Downloads
  Altmetric

Locating Network Domain Entry and Exit point/path for DDoS Attack Traffic

File Description SizeFormat 
final_tnsm.pdfAccepted version311.23 kBAdobe PDFView/Open
Title: Locating Network Domain Entry and Exit point/path for DDoS Attack Traffic
Authors: Thing, V
Sloman, M
Dulay, N
Item Type: Journal Article
Abstract: A method to determine entry and exit points or paths of DDoS attack traffic flows into and out of network domains is proposed. We observe valid source addresses seen by routers from sampled traffic under non-attack conditions. Under attack conditions, we detect route anomalies by determining which routers have been used for unknown source addresses, to construct the attack paths. We consider deployment issues and show results from simulations to prove the feasibility of our scheme. We then implement our Traceback mechanism in C++ and more realistic experiments are conducted. The experiments show that accurate results, with high traceback speed of a few seconds, are achieved. Compared to existing techniques, our approach is non-intrusive, not requiring any changes to the Internet routers and data packets. Precise information regarding the attack is not required allowing a wide variety of DDoS attack detection techniques to be used. The victim is also relieved from the traceback task during an attack. The scheme is simple and efficient, allowing for a fast traceback, and scalable due to the distribution of processing workload. © 2009 IEEE.
Content Version: Accepted version
Issue Date: 1-Sep-2009
Citation: IEEE Transactions on Network and Service Management Vol.( 6 ) No.( 3 ) pp 163 - 174
URI: http://hdl.handle.net/10044/1/5300
Publisher Link: http://dx.doi.org/10.1109/TNSM.2009.03.090303
DOI: 10.1109/TNSM.2009.03.090303
ISSN: 1932-4537
Start Page: 163
End Page: 174
Copyright Statement: ©2009 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Volume: 6
Appears in Collections:Distributed Software Engineering