Detection, traceback and filtering of denial of service attacks in networked embedded systems

This work presents a composite scheme for detection, traceback and filtering of distributed denial of service (DDoS) attacks in networked embedded systems. A method based on algorithmic analysis of various node and network parameters is used to detect attacks, while a packet marking method is used to mitigate the effects of an attack by filtering the incoming traffic that is part of it and to trace back to its origin. The combination of the detection and mitigation methods provides an increased level of security in comparison to approaches based on a single method. Furthermore, the scheme is developed to comply with the novel SHIELD secure architecture being developed, which aims at providing interoperability with other secure components as well as metrics to quantify their security properties.
