Skip navigation

A self-aware approach to denial of service defence

A self-aware approach to denial of service defence

Gelenbe, Erol and Loukas, George (2007) A self-aware approach to denial of service defence. Computer Networks, 51 (5). pp. 1299-1314. ISSN 1389-1286 (doi:https://doi.org/10.1016/j.comnet.2006.09.009)

[img] PDF (Author's copy)
15025_Loukas_A self aware approach to denial (author's copy) 2007.pdf - Accepted Version
Restricted to Registered users only

Download (693kB)

Abstract

Denial of service (DoS) attacks are a serious security threat for Internet based organisations, and effective methods are needed to detect an attack and defend the nodes being attacked in real time. We propose an autonomic approach to DoS defence based on detecting DoS flows, and adaptively dropping attacking packets upstream from the node being attacked using trace-back of the attacking flows. Our approach is based on the Cognitive Packet Network infrastructure which uses smart packets to select paths based on Quality of Service. This approach allows paths being used by a flow (including an attacking flow) to be identified, and also helps legitimate flows to find robust paths during an attack. We evaluate the proposed approach using a mathematical model, as well as using experiments in a laboratory test-bed. We then suggest a more sophisticated defence framework based on authenticity tests as part of the detection mechanism, and on assigning priorities to incoming traffic and rate-limiting it on the basis of the outcome of these tests.

Item Type: Article
Uncontrolled Keywords: network security, intrusion detection, denial of service
Faculty / Department / Research Group: Faculty of Architecture, Computing & Humanities > Department of Computing & Information Systems
Last Modified: 28 Jun 2016 04:17
Selected for GREAT 2016: None
Selected for GREAT 2017: None
Selected for GREAT 2018: None
Selected for GREAT 2019: None
URI: http://gala.gre.ac.uk/id/eprint/15025

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics