Abstract
In order to protect network from the Denial of Service attacks which sends excessive traffic to a host, it is required for network components to throttle unauthorized traffics. The attacker must be identified through the cooperation of routers and must be isolated by the nearest router. It is the most important to identify and isolate the attacker since the nearest router can make ideal blocking of the DoS attacks. In this research, we will present a protocol which can identify the attacker of DoS by the request of victim in cooperation of routers on the attacking path between a victim and the attacker. The performance of our protocol will be verified by simulations and the experiments show that it takes considerably small time to identify the location of attacker.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Felix Lau, Stuart H. Rubin, Michael H. Smith, and Ljiljana Trajkovic. Distributed Denial of Service Attacks. McGraw-Hill, 2000.
Dawn Song and Adrian Perrig. Advanced and authenticated marking schemes for IP traceback. In IEEE Infocomm, 2001.
Stefan Savage, David Wetherall, Anna Karlin, and Tom Anderson. Practical network support for IP traceback. ACM SIGCOMM, 2000.
Vern Paxon. An analysis using reflectors for distributed Denial-of-Service attacks. ACM SIGCOMM, 31(3), July 2001.
Eric Y. Chen. Aegis: An active-network-powered defense mechanism against ddos attacks. Lecvure Notes in Computer Science, 2207, 2001.
J. B. D. Cabrera, L. Lewis, Xinzhou Qin, Wenke Lee, R. K. Prasanth, B. Ravichandran, and R. K. Mehra. Proactive detection of distributed denial of service attacks using MIB traffic variables-a feasibility study. In Proceedings of 2001 IEEE/IFIP International Symposium on Integrated Network Management, 2001.
Drew Dean, Matt Franklin, and Adam Stubblefield. An algebraic approach to IP traceback. ACM Transactions on Information and System Security, 5(2):199–137, May 2002.
J. D. Case et al. SNMP v2. RFC 1441, 1993.
F. Baker. Requirements for IP version 4 routers. RFC 1812, 1995.
http://www.isi.edu/nsnam/ns/. The Network Simulator-ns-2.
Kevin Fall and Kannan Varadhan. The NS Manual. UC Berkeley, 2001.
http://www.uu.net/network/maps/northam/index.xml. WorldCom’s UUNET network maps.
P. Ferguson. Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing. RFC 2267, 1998.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Song, H.Y., Kim, Hg. (2003). Cooperative Routers against DoS Attacks. In: Safavi-Naini, R., Seberry, J. (eds) Information Security and Privacy. ACISP 2003. Lecture Notes in Computer Science, vol 2727. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45067-X_18
Download citation
DOI: https://doi.org/10.1007/3-540-45067-X_18
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40515-3
Online ISBN: 978-3-540-45067-2
eBook Packages: Springer Book Archive