Provider-Based Deterministic Packet Marking against Distributed DoS Attacks

I
IPDPS
2005
19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17
Abstract - Provider-Based Deterministic Packet Marking against Distributed DoS Attacks

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Vasilios A. Siris Articles by Ilias Stavrakis

19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17

Denver, Colorado

April 04-April 08

ISBN: 0-7695-2312-9

	ASCII Text	x
	Vasilios A. Siris, Ilias Stavrakis, "Provider-Based Deterministic Packet Marking against Distributed DoS Attacks," Parallel and Distributed Processing Symposium, International, vol. 18, pp. 292a, 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17, 2005.

	BibTex	x
	@article{ 10.1109/IPDPS.2005.367, author = {Vasilios A. Siris and Ilias Stavrakis}, title = {Provider-Based Deterministic Packet Marking against Distributed DoS Attacks}, journal ={Parallel and Distributed Processing Symposium, International}, volume = {18}, year = {2005}, issn = {1530-2075}, pages = {292a}, doi = {http://doi.ieeecomputersociety.org/10.1109/IPDPS.2005.367}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Parallel and Distributed Processing Symposium, International TI - Provider-Based Deterministic Packet Marking against Distributed DoS Attacks SN - 1530-2075 SP EP A1 - Vasilios A. Siris, A1 - Ilias Stavrakis, PY - 2005 KW - null VL - 18 JA - Parallel and Distributed Processing Symposium, International ER -

Vasilios A. Siris, Institute of Computer Science, Foundation for Research and Technology - Hellas (FORTH), Greece

Ilias Stavrakis, Institute of Computer Science, Foundation for Research and Technology - Hellas (FORTH), Greece

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/IPDPS.2005.367

One of the most serious security threats in the Internet are Distributed Denial of Service (DDoS) attacks, due to the significant service disruption they can create and the difficulty to prevent them. In this paper, we propose new deterministic packet marking models in order to characterize DDoS attack streams. Such common characterization can be used to make filtering near the victim more effective. In this direction we propose a rate control scheme that protects destination domains by limiting the amount of traffic during an attack, while leaving a large percentage of legitimate traffic unaffected. The above features enable providers to offer enhanced security protection against such attacks as a value-added service to their customers, hence offer positive incentives for them to deploy the proposed models. We evaluate the proposed marking models using a snapshot of the actual Internet topology, in terms of how well they differentiate attack traffic from legitimate traffic in cases of full and partial deployment.

Citation:

Vasilios A. Siris, Ilias Stavrakis, "Provider-Based Deterministic Packet Marking against Distributed DoS Attacks," ipdps, vol. 18, pp.292a, 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17, 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.