Neighbor stranger discrimination: a new defense mechanism against Internet DDOS attacks

A
AICCSA
2005
ACS/IEEE 2005 International Conference on Computer Systems and Applications (AICCSA'05)
Abstract - Neighbor stranger discrimination: a new defense mechanism against Internet DDOS attacks

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by S. Itani Articles by N. Aaraj Articles by D. Abdelahad Articles by A. Kayssi

ACS/IEEE 2005 International Conference on Computer Systems and Applications (AICCSA'05)

Cairo, Egypt

January 03-January 06

ISBN: 0-7803-8735-X

	ASCII Text	x
	S. Itani, N. Aaraj, D. Abdelahad, A. Kayssi, "Neighbor stranger discrimination: a new defense mechanism against Internet DDOS attacks," Computer Systems and Applications, ACS/IEEE International Conference on, pp. 95-I, ACS/IEEE 2005 International Conference on Computer Systems and Applications (AICCSA'05), 2005.

	BibTex	x
	@article{ 10.1109/AICCSA.2005.1387086, author = {S. Itani and N. Aaraj and D. Abdelahad and A. Kayssi}, title = {Neighbor stranger discrimination: a new defense mechanism against Internet DDOS attacks}, journal ={Computer Systems and Applications, ACS/IEEE International Conference on}, volume = {0}, year = {2005}, isbn = {0-7803-8735-X}, pages = {95-I}, doi = {http://doi.ieeecomputersociety.org/10.1109/AICCSA.2005.1387086}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Systems and Applications, ACS/IEEE International Conference on TI - Neighbor stranger discrimination: a new defense mechanism against Internet DDOS attacks SN - 0-7803-8735-X SP95 EPI A1 - S. Itani, A1 - N. Aaraj, A1 - D. Abdelahad, A1 - A. Kayssi, PY - 2005 VL - 0 JA - Computer Systems and Applications, ACS/IEEE International Conference on ER -

S. Itani, Dept. of Electr. & Comput. Eng., American Univ. of Beirut, Lebanon

N. Aaraj, Dept. of Electr. & Comput. Eng., American Univ. of Beirut, Lebanon

D. Abdelahad, Dept. of Electr. & Comput. Eng., American Univ. of Beirut, Lebanon

A. Kayssi, Dept. of Electr. & Comput. Eng., American Univ. of Beirut, Lebanon

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/AICCSA.2005.1387086

Summary form only given. Distributed Denials of Service (DDoS) attacks have become a real threat to the security of the Internet. Defending against DDoS is a challenging job, due to the use of IP spoofing and the destination-based routing of the Internet. Many solutions have been proposed, but none is able to completely stop an intense attack. In this paper, we propose a new defense mechanism, neighbor stranger discrimination (NSD), which is capable of stopping or significantly reducing the intensity of a DDoS attack. NSD can be incrementally deployed and satisfactory results are achieved even when it is implemented on a small percentage, 10% to 20%, of the Internet routers. The overhead of installing NSD on a certain router is low in terms of additional storage and processing load. Unlike other defense strategies, NSD produces no false positives while reducing false negatives. Being router-based, NSD also stops reflected DDoS attacks (RDDoS) since it discards the spoofed packets before they reach the reflectors.

Citation:

S. Itani, N. Aaraj, D. Abdelahad, A. Kayssi, "Neighbor stranger discrimination: a new defense mechanism against Internet DDOS attacks," aiccsa, pp.95-I, ACS/IEEE 2005 International Conference on Computer Systems and Applications (AICCSA'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.