A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf
.
Filters
Towards Improving an Algebraic Marking Scheme for Tracing DDoS Attacks
2009
International Journal of Network Security
In this paper, we identify the weaknesses of an existing algebraic marking scheme for tracing DDoS attacks, and propose an improved version of the marking scheme. ...
When compared with other marking schemes, it requires fewer packets for attack paths reconstruction. ...
This paper proposes an improved algebraic marking scheme which simplifies and improves the algebraic marking scheme [5] for a practical implementation. ...
dblp:journals/ijnsec/LeeHC09
fatcat:m2vtd6ojyfadtc3jwhugek3w44
Taxonomical approach to the deployment of traceback mechanisms
2011
2011 Baltic Congress on Future Internet and Communications
In order to counter DDoS and facilitate secure and reliable functioning of cyber societies, various types of traceback mechanisms have been proposed that trace the entire attack path or partial attack ...
Among these activities, Distributed Denial of Services (DDoS), which imposes an excessive workload on network entities such as hosts, is one of the most devastating form of attacks and can cause complete ...
For instance, an attacker may intentionally create a DDoS attack from third-party network by using a bot net and sue for compensatory damages with the traceback information as evidence. ...
doi:10.1109/bcfic-riga.2011.5733214
fatcat:urinubg7rjdcdlkrolk32e6n7y
Tracing cyber attacks from the practical perspective
2005
IEEE Communications Magazine
Clearly, the current IP traceback technology is only the first step toward tackling DoS/DDoS attacks. An ideal tracing scheme has to make trade-offs among various factors. ...
However, improving the accuracy of DDoS detection is a daunting task given the fact that a DDoS attack may be a hybrid of different types of attacks using different protocols, ports, and attack rates ...
doi:10.1109/mcom.2005.1453433
fatcat:sey4mrcslva6lkxxf43ays6n3e
IP traceback: A new denial-of-service deterrent?
2003
IEEE Security and Privacy
Such attacks are among the toughest to address because they are simple to implement, hard to prevent, and difficult to trace. ...
Several efforts are under way to develop attacker-identification technologies on the Internet. This article looks at existing DDoS IP traceback methodologies and future trends. ...
The authors also proposed an authentication-marking scheme that uses message authentication codes to prevent packet-content tampering by compromised routers along the attack path. ...
doi:10.1109/msecp.2003.1203219
fatcat:kyi4rydwxbb7ncdmohev3tvyp4
On Evaluating IP Traceback Schemes: A Practical Perspective
2013
2013 IEEE Security and Privacy Workshops
This paper presents an evaluation of two promising schemes for tracing cyber-attacks, the well-known Deterministic Packet Marking, DPM, and a novel marking scheme for IP traceback, Deterministic Flow Marking ...
The results show that using DFM may reduce as many as 90% of marked packets on average required for tracing attacks with no false positives, while it eliminates the spoofed marking embedded by the attacker ...
[11] have described a technique for tracing anonymous packet flooding attacks on the Internet back toward their source. This traceback can be performed after an attack is identified. ...
doi:10.1109/spw.2013.13
dblp:conf/sp/ForoushaniZ13
fatcat:4drr3p32bfbrzauh4qu67764uu
Toward a Practical Packet Marking Approach for IP Traceback
2009
International Journal of Network Security
IP traceback is an important step in defending against denial-of-service (DoS) attacks. Probabilistic packet marking (PPM) has been studied as a promising approach to realize IP traceback. ...
Our approach is able to control the distribution of marking information. Hence, it is suitable to be deployed as a value-added service which may create revenue for ISPs. ...
We study the efficiency and accuracy of ASPPM in tracing DDoS attacks. ...
dblp:journals/ijnsec/GongS09
fatcat:fgta3hzo7vdrtcryjlq6aduzla
DDoS attacks and defense mechanisms: classification and state-of-the-art
2004
Computer Networks
Furthermore, important features of each attack and defense system category are described and advantages and disadvantages of each proposed scheme are outlined. ...
This paper presents a structural approach to the DDoS problem by developing a classification of DDoS attacks and DDoS defense mechanisms. ...
[69] introduced an interesting algebraic approach to PPM. This scheme does not require an upstream router map to construct an attack path. ...
doi:10.1016/j.comnet.2003.10.003
fatcat:j5bmatgznraqxcnclv326qr7my
Distributed Divide-and-Conquer Techniques for Effective DDoS Attack Defenses
2008
2008 The 28th International Conference on Distributed Computing Systems
While distributed packet logging and/or packet marking have been explored in the past for DDoS attack traceback/mitigation, we propose to advance the state of the art by using a novel distributed divide-and-conquer ...
Distributed Denial-of-Service (DDoS) attacks have emerged as a popular means of causing mass targeted service disruptions, often for extended periods of time. ...
[15] proposed another novel coding scheme using an algebraic approach to embed path information. Yaar et.al. ...
doi:10.1109/icdcs.2008.10
dblp:conf/icdcs/MuthuprasannaM08
fatcat:pocjsj2csfhqpg63xq7tbd7wl4
Traceback of DDoS Attacks Using Entropy Variations
2011
IEEE Transactions on Parallel and Distributed Systems
In this paper, we propose a novel traceback method for DDoS attacks that is based on entropy variations between normal and DDoS attack traffic, which is fundamentally different from commonly used packet ...
marking techniques. ...
ACKNOWLEDGMENTS The authors would like to express their thanks to the anonymous reviews for their insightful comments and suggestions. The work was supported in part by grants ...
doi:10.1109/tpds.2010.97
fatcat:iiu2uaroljclxd2fefxef2ibpi
Survey of network-based defense mechanisms countering the DoS and DDoS problems
2007
ACM Computing Surveys
We conclude by highlighting opportunities for an integrated solution to solve the problem of distributed denial of service attacks. ...
This article presents a survey of denial of service attacks and the methods that have been proposed for defense against these attacks. ...
ACKNOWLEDGMENTS We thank the anonymous reviewers for their excellent suggestions that have greatly improved the quality of this article. ...
doi:10.1145/1216370.1216373
fatcat:fgim4prdsnbufbaavvptpvgkhq
IP traceback through (authenticated) deterministic flow marking: an empirical evaluation
2013
EURASIP Journal on Information Security
Additionally, DFM provides an optional authentication so that a compromised router cannot forge markings of other uncompromised routers. ...
In this paper, we present a novel approach to IP traceback -deterministic flow marking (DFM). We evaluate this novel approach against two well-known IP traceback schemes. ...
[11] have described a technique for tracing anonymous packet flooding attacks on the Internet towards their source. This traceback can be performed after an attack is identified. ...
doi:10.1186/1687-417x-2013-5
fatcat:fpzodzbzk5a7jfpax4ne5nuewq
DDoS Attacks: Tools, Mitigation Approaches, and Probable Impact on Private Cloud Environment
[article]
2017
arXiv
pre-print
This paper discusses several prominent approaches introduced to counter DDoS attacks in private clouds. We also discuss issues and challenges to mitigate DDoS attacks in private clouds. ...
The presence of a large amount of resources organized densely is a key factor in attracting DDoS attacks. Such attacks are arguably more dangerous in private individual clouds with limited resources. ...
This way we may be able to trace back the source of the attack or provide a defense as near as possible towards the source-end. ...
arXiv:1710.08628v1
fatcat:qqaa3w3a2bautkkfc22hk3lk5u
Coloring the Internet: IP traceback
2006
12th International Conference on Parallel and Distributed Systems - (ICPADS'06)
Several IP Traceback schemes employing packet marking have been proposed to trace DoS/DDoS attacks that use source address spoofing. ...
We additionally propose an enhanced (logical) partitioned coloring technique to achieve an order of magnitude improvement over the best known schemes today. ...
Finally, a traceback scheme should not only trace attackers, but also aid in effective mitigation of the ongoing attack [4] . ...
doi:10.1109/icpads.2006.31
dblp:conf/icpads/MuthuprasannaMAK06
fatcat:3ut2jwewzbefveg4wiaa6c6ifq
A Network Coding Approach to IP Traceback
2010
2010 IEEE International Symposium on Network Coding (NetCod)
This is useful for tracing the sources of high volume traffic, e.g., in Distributed Denial-of-Service (DDoS) attacks. ...
Simulation results show that our scheme significantly reduces the number of packets needed to reconstruct the attack graph, in both single-and multi-path scenarios, thus increasing the speed of tracing ...
ACKNOWLEDGMENT We would like to thank Christina Fragouli for discussions on the coupon collector's problem, which inspired this work. ...
doi:10.1109/netcod.2010.5487682
fatcat:fy6jdoj3kvbkxn7d4loygwsx2m
Vulnerabilities in distance-indexed IP traceback schemes
2007
International Journal of Security and Networks (IJSN)
Among them, distanceindexed probabilistic packet marking schemes appear to be very attractive. In this paper, we first discover two intrinsic vulnerabilities in these schemes. ...
In order to counter Denial-of-Service (DoS) attacks using spoofed source addresses, many IP traceback schemes have been proposed in the last few years. ...
In Section 2, we present the DDoS attack and IP traceback models, as well as an overview of probabilistic packet marking schemes. ...
doi:10.1504/ijsn.2007.012827
fatcat:is4chiqexrfuvkqoj7ycbhcaia
« Previous
Showing results 1 — 15 out of 142 results