Gelenbe, Erol and Loukas, George ORCID: 0000-0003-3559-5182 (2007) A self-aware approach to denial of service defence. Computer Networks, 51 (5). pp. 1299-1314. ISSN 1389-1286 (doi:https://doi.org/10.1016/j.comnet.2006.09.009)

PDF (Author's copy) 15025_Loukas_A self aware approach to denial (author's copy) 2007.pdf - Accepted Version Restricted to Registered users only Download (693kB)

Abstract

Denial of service (DoS) attacks are a serious security threat for Internet based organisations, and effective methods are needed to detect an attack and defend the nodes being attacked in real time. We propose an autonomic approach to DoS defence based on detecting DoS flows, and adaptively dropping attacking packets upstream from the node being attacked using trace-back of the attacking flows. Our approach is based on the Cognitive Packet Network infrastructure which uses smart packets to select paths based on Quality of Service. This approach allows paths being used by a flow (including an attacking flow) to be identified, and also helps legitimate flows to find robust paths during an attack. We evaluate the proposed approach using a mathematical model, as well as using experiments in a laboratory test-bed. We then suggest a more sophisticated defence framework based on authenticity tests as part of the detection mechanism, and on assigning priorities to incoming traffic and rate-limiting it on the basis of the outcome of these tests.

Item Type:	Article
Uncontrolled Keywords:	network security, intrusion detection, denial of service
Faculty / School / Research Centre / Research Group:	Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified:	26 Nov 2020 22:35
URI:	http://gala.gre.ac.uk/id/eprint/15025

Actions (login required)

View Item

Downloads