Scalable multicast based filtering and tracing framework for defeating distributed DoS attacks
✍ Scribed by Jangwon Lee; Gustavo de Veciana
- Book ID
- 102542254
- Publisher
- John Wiley and Sons
- Year
- 2005
- Tongue
- English
- Weight
- 205 KB
- Volume
- 15
- Category
- Article
- ISSN
- 1055-7148
- DOI
- 10.1002/nem.543
No coin nor oath required. For personal study only.
✦ Synopsis
In this paper we present a distributed scalable framework to support ondemand filtering and tracing services for defeating distributed denial of service attacks. Our filtering mechanism is designed to quickly identify a set of boundary filter locations so that attack packets might be dropped as close as possible to their origin(s). We argue that precisely identifying the origins of an attack is not achievable when there is only a partial deployment of tracing nodes-as is likely to be the case in practice. Thus we present a tracing mechanism which can identify sets of candidate nodes containing attack origins. Both mechanisms leverage multicasting services to achieve scalable, responsive and robust operation, and operate with a partial and incremental deployment. Performance evaluations of proposed approaches on both real and synthetic topologies show that a small coverage of filtering and tracing components throughout a network can be effective at blocking and localizing attacks.