2005 | OriginalPaper | Buchkapitel
Mitigating Network Denial-of-Service Through Diversity-Based Traffic Management
verfasst von : Ashraf Matrawy, Paul C. van Oorschot, Anil Somayaji
Erschienen in: Applied Cryptography and Network Security
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
In this paper we explore the feasibility of mitigating network denial-of-service (NDoS) attacks (attacks that consume network bandwidth) by dynamically regulating learned classes of network traffic. Our classification technique clusters packets based on the similarity of their contents – both headers and payloads – using a variation of
n
-grams which we call (
p
,
n
)-grams. We then allocate shares of bandwidth to each of these clusters using an adaptive traffic management technique. Our design intent is that excessive bandwidth consumers (e.g. UDP worms, flash crowds) are segregated so that they cannot consume bandwidth to the exclusion of other network traffic. Because this strategy, under congestion conditions, increases the packet drop rate experienced by sets of similar flows and thus reduces the relative drop rate of other, dissimilar flows, we characterize this strategy as
diversity-based traffic management
. We explain the approach at a high level and report on preliminary results that indicate that network traffic can be quickly and concisely learned, and that this classification can be used to regulate the bandwidth allocated to both constant packet and polymorphic flash UDP worms.