Skip navigation

Defending networks against denial of service attacks

Defending networks against denial of service attacks

Gelenbe, Erol, Gellman, Michael and Loukas, George ORCID: 0000-0003-3559-5182 (2004) Defending networks against denial of service attacks. In: Unmanned/Unattended Sensors and Sensor Networks. The International Society for Optical Engineering, pp. 233-243. (doi:https://doi.org/10.1117/12.578502)

[img] PDF (Author's Accepted Manuscript)
15029_Loukas_Defending networks against denial (AAM) 2004.pdf - Accepted Version
Restricted to Registered users only

Download (524kB)

Abstract

Denial of service attacks, viruses and worms are common tools for malicious adversarial behaviour in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behaviour either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behaviour. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.

Item Type: Conference Proceedings
Title of Proceedings: Unmanned/Unattended Sensors and Sensor Networks
Additional Information: Conference on Optics/Photonics in Security and Defence (SPIE), October 25, 2004, London, UK
Uncontrolled Keywords: network security, denial of service, network modelling
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified: 26 Nov 2020 22:35
URI: http://gala.gre.ac.uk/id/eprint/15029

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics