论文信息 - An Adaptable Inter-Domain Infrastructure Against DoS Attacks

An Adaptable Inter-Domain Infrastructure Against DoS Attacks

Denial of Service Attacks have evolved to be one serious threat for Internet activities. Their massive, distributed, and hard to trace nature makes them impossible to be countered by the efforts of a single site. This paper presents an interdomain infrastructure that aims to coordinate detection and response to such attacks. The main building block of the design is a lightweight software platform installed at each participating domain that provides messaging and alert services and the point of coordinated response control. We describe the operation of this Cooperative IDS Entity and focus on its policy control features. The response capability that enables an effective cooperation is adaptable to suit the security policies and needs at each site.

B. Maglaris | G. Koutepas | F. Stamatelopoulos | V. Hatzigiannakis

[1] D. Frincke,et al. A Framework for Cooperative Intrusion Detection , 1998 .

[2] Dan Schnackenberg,et al. Infrastructure for intrusion detection and response , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[3] Brett Wilson,et al. Autonomic Response to Distributed Denial of Service Attacks , 2001, Recent Advances in Intrusion Detection.

[4] B. Maglaris,et al. Router-based detection of DoS and DDoS attacks , 2001 .

[5] Qi Zhang,et al. Indra: A Distributed Approach to Network Intrusion Detection and Prevention , 2001 .

[6] B. Maglaris,et al. Efficiency and Performance Issues in Distributed Intrusion Detection Systems , 2002 .

[7] Ratul Mahajan,et al. Controlling high bandwidth aggregates in the network , 2002, CCRV.

[8] D. Curry,et al. Intrusion Detection Message Exchange Format Data Model and Extensible Markup Language (XML) Document Type Definition , 2004 .