Streaming Algorithms for Robust, Real-Time Detection of DDoS Attacks

Sumit Ganguly; Krishan Sabnani; Minos Garofalakis; Rajeev Rastogi

doi:10.1109/ICDCS.2007.142

I
ICDCS
2007
27th International Conference on Distributed Computing Systems (ICDCS '07)
Abstract - Streaming Algorithms for Robust, Real-Time Detection of DDoS Attacks

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Sumit Ganguly Articles by Minos Garofalakis Articles by Rajeev Rastogi Articles by Krishan Sabnani

27th International Conference on Distributed Computing Systems (ICDCS '07)

Streaming Algorithms for Robust, Real-Time Detection of DDoS Attacks

Toronto, Canada

June 25-June 27

ISBN: 0-7695-2837-3

	ASCII Text	x
	Sumit Ganguly, Minos Garofalakis, Rajeev Rastogi, Krishan Sabnani, "Streaming Algorithms for Robust, Real-Time Detection of DDoS Attacks," 2012 IEEE 32nd International Conference on Distributed Computing Systems, pp. 4, 27th International Conference on Distributed Computing Systems (ICDCS '07), 2007.

	BibTex	x
	@article{ 10.1109/ICDCS.2007.142, author = {Sumit Ganguly and Minos Garofalakis and Rajeev Rastogi and Krishan Sabnani}, title = {Streaming Algorithms for Robust, Real-Time Detection of DDoS Attacks}, journal ={2012 IEEE 32nd International Conference on Distributed Computing Systems}, volume = {0}, year = {2007}, isbn = {0-7695-2837-3}, pages = {4}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICDCS.2007.142}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - 2012 IEEE 32nd International Conference on Distributed Computing Systems TI - Streaming Algorithms for Robust, Real-Time Detection of DDoS Attacks SN - 0-7695-2837-3 SP EP A1 - Sumit Ganguly, A1 - Minos Garofalakis, A1 - Rajeev Rastogi, A1 - Krishan Sabnani, PY - 2007 KW - null VL - 0 JA - 2012 IEEE 32nd International Conference on Distributed Computing Systems ER -

Sumit Ganguly, Indian Inst. of Tech. Kanpur, India

Minos Garofalakis, Yahoo! Research California, USA

Rajeev Rastogi, Bell Labs Bangalore, India

Krishan Sabnani, Bell Labs New Jersey, USA

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICDCS.2007.142

Effective mechanisms for detecting and thwarting Distributed Denial-of-Service (DDoS) attacks are becoming increasingly important to the success of today?s Internet as a viable commercial and business tool. In this paper, we propose novel data-streaming algorithms for the robust, real-time detection of DDoS activity in large ISP networks. The key element of our solution is a new, hashbased synopsis data structure for network-data streams that allows us to efficiently track, in guaranteed small space and time, destination IP addresses in the underlying network that are "large" with respect to the number of distinct source IP addresses that have established potentially-malicious (e.g., "half-open") connections to them. Our work is the first to address the problem of efficiently tracking the top distinct-source frequencies over a general stream of updates (insertions and deletions) to the set of underlying network flows, thus enabling us to effectively distinguish between DDoS activity and flash crowds. Preliminary experimental results verify the effectiveness of our approach.

Citation:

Sumit Ganguly, Minos Garofalakis, Rajeev Rastogi, Krishan Sabnani, "Streaming Algorithms for Robust, Real-Time Detection of DDoS Attacks," icdcs, pp.4, 27th International Conference on Distributed Computing Systems (ICDCS '07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.