Path Attestation Scheme to Avert DDoS Flood Attacks

Abstract : DDoS mitigation schemes are increasingly becoming relevant in the Internet. The main hurdle faced by such schemes is the \nearly indistinguishable" line between malicious tra c and genuine tra c. It is best tackled with a paradigm shift in connection handling by attest- ing the path. We therefore propose the scheme called \Path Attestation Scheme" coupled with a metric called \Con dence Index" to tackle the problem of distinguishing malicious and genuine tra c in a progressive manner, with varying levels of certainty. We support our work through an experimental study to establish the stability of Internet topology by using 134 di erent global Internet paths over a period of 16 days. Our Path Attestation Scheme was able to successfully distinguish between malicious and genuine tra c, 85% of the time. The scheme presupposes support from a fraction of routers in the path.
Type de document :
Communication dans un congrès
Mark Crovella; Laura Marie Feeney; Dan Rubenstein; S. V. Raghavan. 9th International IFIP TC 6 Networking Conference (NETWORKING), May 2010, Chennai, India. Springer, Lecture Notes in Computer Science, LNCS-6091, pp.397-408, 2010, NETWORKING 2010. 〈10.1007/978-3-642-12963-6_32〉
Liste complète des métadonnées

Littérature citée [10 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01059127
Contributeur : Hal Ifip <>
Soumis le : vendredi 29 août 2014 - 13:52:21
Dernière modification le : samedi 21 juillet 2018 - 17:22:02
Document(s) archivé(s) le : dimanche 30 novembre 2014 - 10:40:43

Fichier

main.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Raktim Bhattacharjee, S. Sanand, S. V. Raghavan. Path Attestation Scheme to Avert DDoS Flood Attacks. Mark Crovella; Laura Marie Feeney; Dan Rubenstein; S. V. Raghavan. 9th International IFIP TC 6 Networking Conference (NETWORKING), May 2010, Chennai, India. Springer, Lecture Notes in Computer Science, LNCS-6091, pp.397-408, 2010, NETWORKING 2010. 〈10.1007/978-3-642-12963-6_32〉. 〈hal-01059127〉

Partager

Métriques

Consultations de la notice

84

Téléchargements de fichiers

106