论文信息 - Design and Operational Characteristics of a Distributed Cooperative Infrastructure against DDoS Attacks

Design and Operational Characteristics of a Distributed Cooperative Infrastructure against DDoS Attacks

In this paper we present an inter-domain cooperative infrastructure against Distributed Denial of Service (DDoS) Attacks. The infrastructure is established between the networks that choose to participate. A software system, the Cooperative IDS Entity, is deployed at each participating domain. The main operational characteristics of this Entity and of the infrastructure as a whole are presented and a number of parameters that influence DDoS discovery and reaction efficiency are discussed. We also examine an operation scenario on actual topologies and attempt to demonstrate the validity of the concept.

Basil Maglaris | Fotis Stamatelopoulos | Georgios Koutepas | Vasilios Hatziyannakis

[1] D. Curry,et al. Intrusion Detection Message Exchange Format Data Model and Extensible Markup Language (XML) Document Type Definition , 2004 .

[2] Rocky K. C. Chang,et al. Engineering of a global defense infrastructure for DDoS attacks , 2002, Proceedings 10th IEEE International Conference on Networks (ICON 2002). Towards Network Superiority (Cat. No.02EX588).

[3] B. Maglaris,et al. Efficiency and Performance Issues in Distributed Intrusion Detection Systems , 2002 .

[4] Dan Schnackenberg,et al. Infrastructure for intrusion detection and response , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[5] D. Frincke,et al. A Framework for Cooperative Intrusion Detection , 1998 .

[6] Kevin C. Almeroth,et al. The evolution of multicast: from the MBone to interdomain multicast to Internet2 deployment , 2000, IEEE Netw..

[7] Brett Wilson,et al. Autonomic Response to Distributed Denial of Service Attacks , 2001, Recent Advances in Intrusion Detection.

[8] Steven M. Bellovin,et al. Implementing Pushback: Router-Based Defense Against DDoS Attacks , 2002, NDSS.