2008 International Symposiums on Information Processing Honeypot Based Routing to Mitigate DDoS Attacks on Servers at ISP Level May 23-May 25 ISBN: 978-0-7695-3151-9
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ISIP.2008.115
DDOS attacks generate flooding traffic from multiple sources towards selected nodes and cause obstruction in flow of legitimate information within a network. If the victim node is the server at ISP level requiring fast information processing, the entire network operation stops. We use various lines of honeypot based defense against such attacks. The first line of defense detects the presence of attacks. The second line of defense identifies and tags attack flows in real time. The work in this paper concentrates on the third line of defense, where a model for honeypot based routing has been proposed in response to identified attack flows. We propose the automatic generation of adequate server nodes to service client requests and honeypots to interact with attackers in contained manner. The judicious mixture of servers and honeypots at different time intervals provide stable network functionality at ISP level. We validate the effectiveness of the approach with modeling on Internet type topology and simulation in ns-2 on a Linux platform.
Index Terms:
Honeypot, DDoS, Routing
Citation:
Anjali Sardana, R. C. Joshi, "Honeypot Based Routing to Mitigate DDoS Attacks on Servers at ISP Level," isip, pp.505-509, 2008 International Symposiums on Information Processing, 2008 Usage of this product signifies your acceptance of the Terms of Use. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb