Top

Published in:

2017 | OriginalPaper | Chapter

Super-Router: A Collaborative Filtering Technique Against DDoS Attacks

Authors : Akshat Gaurav, Awadhesh Kumar Singh

Published in: Advanced Informatics for Computing Research

Publisher: Springer Singapore

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

DDoS attack is one of the well known cyber attacks of Internet era, which affects on the availability of the network. In 1999, though Computer Incident Advisory Capability (CIAC) reports the first ever DDoS attack, but first major DDoS attack was recorded in year 2000 on some of the big websites e.g., Yahoo, Amazon, CNN, eBay etc. due to which their services went offline for few hours and huge amount of revenue losses were recorded. Since then DDoS attacks become favourite attacks of antagonists. There are so many different defense techniques available to detect and filter malicious traffic, but none of these methods could adequately filter out the malicious traffic. In this context, this paper proposed a new filtering scheme, Super-router, which uses collaborative filtering technique to filter malicious traffic. More specifically, Super-router uses unicast method of communication between filters which reduces the communication overheads and response time of individual filters. This makes Super-router an effective defense against DDoS attacks for high speed networks.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Impact of Higher Order Impairments on QoS Aware Connection Provisioning in 10 Gbps NRZ Optical Networks

next chapter A Systematic Survey on Congestion Mechanisms of CoAP Based Internet of Things

Mirkovic, J., Reiher, P.: A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Comput. Commun. Rev. 34(2), 39–53 (2004). doi:10.1145/997150.997156 CrossRef

Douligeris, C., Mitrokotsa, A.: DDoS attacks and defense mechanisms: classification and state-of-the-art. Comput. Netw. 44(5), 643–666 (2004). doi:10.1016/j.comnet.2003.10.003 CrossRef

Q2 State of Internet Security Report. http://www.akamai.com

Dittrich, D.: The DoS project’s “trinoo” distributed denial of service attack tool. University of Washington (1999). http://staff.washington.edu/dittrich/misc/trinoo.analysis.txt

Dittrich, D.: The tribe flood network distributed denial of service attack tool. University of Washington (2002)

Barlow, J., Thrower, W.: TFN2K an analysis (2000). http://security.royans.net/info/posts/bugtraq_ddos2.shtml

Dittrich, D., Weaver, G., Dietrich, S., Long, N.: The “mstream” distributed denial of service attack tool (2000). http://staff.washington.edu/dittrich/misc/mstream.analysis.txt3

Gupta, B.B., Joshi, R.C., Misra, M.: Distributed denial of service prevention techniques. Int. J. Comput. Electr. Eng. IJCEE 2(2), 268–276 (2012). arXiv preprint arXiv:1208.3557 (2010)

Weiler, N.: Honeypots for distributed denial-of-service attacks. In: Proceedings of the 11th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE, pp. 109–114 (2002). doi:10.1109/ENABL.2002.1029997

10.

Bhavani, Y., Reddy, P.N.: An efficient IP traceback through packet marking algorithm. Int. J. Netw. Secur. Appl. IJNSA 2, 132–142 (2010)

11.

Kalkan, K., Alagz, F.: A distributed filtering mechanism against DDoS attacks: ScoreForCore. Comput. Netw. 108, 199–209 (2016). doi:10.1016/j.comnet.2016.08.023 CrossRef

12.

Jin, C., Wang, H., Shin, K.G.: Hop-count filtering: an effective defense against spoofed DDoS attracks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 30–41 (2003). doi:10.1145/948109.948116.

13.

Mahajan, R., Bellovin, S.M., Floyd, S., Ioannidis, J., Paxson, V., Shenker, S.: Controlling high bandwidth aggregates in the network. ACM SIGCOMM Comput. Commun. Rev. 32(3), 62–73 (2002). doi:10.1145/571697.571724 CrossRef

14.

Argyraki, K.J., Cheriton, D.R.: Active internet traffic filtering: real-time response to denial-of-service attacks. In: USENIX Annual Technical Conference, General track, pp. 135–148 (2005)

15.

Seo, D., Lee, H., Perrig, A.: PFS: probabilistic filter scheduling against distributed denial-of-service attacks. In: 36th Conference on Local Computer Networks (LCN), pp. 9–17. IEEE (2011). doi:10.1109/LCN.2011.6114645

16.

Ferguson, P.: Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing (2000)

17.

Park, K., Lee, H.: On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets. ACM SIGCOMM Comput. Commun. Rev. 31(4), 15–26 (2001). doi:10.1145/964723.383061 CrossRef

18.

Kim, Y., Lau, Y.C., Chuah, M.C., Chao, H.J.: PacketScore: a statistics-based packet filtering scheme against distributed denial-of-service attacks. IEEE Trans. Dependable Secure Comput. 3(2), 141–155 (2006). doi:10.1109/TDSC.2006.25 CrossRef

19.

Franois, J., Aib, I., Boutaba, R.: FireCol: a collaborative protection network for the detection of flooding DDoS attacks. IEEE/ACM Trans. Netw. (TON) 20(6), 1828–1841 (2012). doi:10.1109/TNET.2012.2194508 CrossRef

20.

Kasera, S., Pinheiro, J., Loader, C., Karaul, M., Hari, A., LaPorta, T.: Fast and robust signaling overload control. In: 9th International Conference on Network Protocols, pp. 323–331 (2001). doi:10.1109/ICNP.2001.992913

21.

OMNeT++. http://www.omnetpp.org

22.

Kaur, R., Sangal, A.L., Kumar, K.: Modeling and simulation of DDoS attack using Omnet++. In: International Conference on Signal Processing and Integrated Networks (SPIN), pp. 220–225 (2014). doi:10.1109/SPIN.2014.6776951

Title: Super-Router: A Collaborative Filtering Technique Against DDoS Attacks
Authors: Akshat Gaurav
Awadhesh Kumar Singh
Publisher: Springer Singapore
Book: Advanced Informatics for Computing Research
Print ISBN: 978-981-10-5779-3

Electronic ISBN: 978-981-10-5780-9

Copyright Year: 2017
DOI: https://doi.org/10.1007/978-981-10-5780-9_27

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner