A collaborative approach for proactive detection of distributed denial of service attacks

Abstract : Distributed Denial of Service attacks (DDoS) are a major threat to the Internet and detecting this kind of attacks as far as possible from the victim and close as possible to its source is a real challenge. We propose a new framework named FireCollaborator to deal with this problem on the Internet Service Provider (ISP) level, based on collaborating Intrusion Prevention Systems (IPS). A potential victim asks and pays the ISP to be protected. The key point is to use compressed metrics (i.e., frequency and entropy) based on the routing rules in order to extract suspected flows. The information and alerts are shared amongst the IPSs to enhance their believes about the network status and thus to counter the attacks far away from the victim and to save the network resources.
Type de document :
Communication dans un congrès
IEEE Workshop on Monitoring, Attack Detection and Mitigation - MonAM'2007, Nov 2007, Toulouse, France. 2007
Liste complète des métadonnées

Littérature citée [13 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/inria-00188020
Contributeur : Jérôme François <>
Soumis le : mercredi 1 octobre 2008 - 13:17:42
Dernière modification le : lundi 8 octobre 2018 - 20:42:06
Document(s) archivé(s) le : lundi 12 avril 2010 - 02:20:27

Fichier

monam.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : inria-00188020, version 1

Collections

Citation

Jérôme François, Adel El-Atawy, Ehab Al Shaer, Raouf Boutaba. A collaborative approach for proactive detection of distributed denial of service attacks. IEEE Workshop on Monitoring, Attack Detection and Mitigation - MonAM'2007, Nov 2007, Toulouse, France. 2007. 〈inria-00188020〉

Partager

Métriques

Consultations de la notice

366

Téléchargements de fichiers

218