An Outlier Detection Based DDoS Defense Method

An outlier detection based defense method (ODM) for large-scale Distributed Denial of Service attacks is proposed. ODM filters suspicious traffic strictly and, at the same time, establishes a white list. Experimental results show that ODM can be used to defend against large-scale DDoS attacks, and that it offers a new way to mitigate collateral damage.
