Use of IP Addresses for High Rate Flooding Attack Detection

Abstract: High-rate flooding attacks (also known as Distributed Denial of Service or DDoS attacks) continue to constitute a pernicious threat within the Internet domain. In this work we demonstrate how using packet source IP addresses coupled with a change-point analysis of the rate of arrival of new IP addresses may be sufficient to detect the onset of a high-rate flooding attack. Importantly, minimizing the number of features to be examined directly addresses the issue of scalability of the detection process to higher network speeds. Using a proof-of-concept implementation we have shown how pre-onset IP addresses can be efficiently represented using a bit vector and used to modify a "white list" filter in a firewall as part of the mitigation strategy.
Document type:
Conference paper
Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.124-135, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_12〉

Cited literature [21 references]

https://hal.inria.fr/hal-01054522
Contributor: Hal Ifip
Submitted on: Thursday, August 7, 2014 - 10:17:36
Last modified on: Friday, August 11, 2017 - 11:12:40
Document(s) archived on: Wednesday, November 26, 2014 - 01:36:24

File

11-Paper-212-Use_of_IP_Address...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Ejaz Ahmed, George Mohay, Alan Tickle, Sajal Bhatia. Use of IP Addresses for High Rate Flooding Attack Detection. Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.124-135, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_12〉. 〈hal-01054522〉
