Defending Against Null Calls Stream Attacks by Using a Double-Threshold Dynamic Filter
暂无分享,去创建一个
In this paper, A NCSA (Null Calls Stream Attack) attack that can happen in ATM control plane is pointed out. After analyzing its characteristics, a riskcost-based solution — double-threshold dynamic filter — is brought forward. The analytical expression and algorithm of the threshold setting are also given. By implementing the algorithm on ATM access equipments, the NCSA attack can be blocked effectively. Finally, the solution is validated in a simulated environment.
[1] Atm Forum. ATM user-network interface (UNI) specification : version 3.1 , 1993 .
[2] Alfonso Valdes,et al. Next-generation Intrusion Detection Expert System (NIDES)A Summary , 1997 .
[3] Paul Ferguson,et al. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.