Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Foundations and Practice of Security

FPS 2014: Foundations and Practice of Security pp 347–355Cite as

A Responsive Defense Mechanism Against DDoS Attacks

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8930))

Abstract

Distributed Denials of Service (DDoS) attacks are among the most serious threats on the Internet. With large-scale DDoS attacks, it is necessary to stop malicious traffic closer to the attack sources with minimal disruption of legitimate traffic. A responsive defense mechanism that filters potential attack traffic and prevents it from reaching the victim network is developed. First we investigate the features of network traffic that can be used for discriminating attacks from normal traffic, and then use the identified features to develop an accurate and robust signature-based filtering model that forms the basis of a responsive defense mechanism. A Bloom filter based mechanism is proposed to efficiently implement and disseminate the signature-based model; it helps reduce the communication overhead and the computation and storage requirements at the upstream routers that check for malicious traffic. The approach is verified and evaluated using the DARPA dataset. Experimental results show the effectiveness of the proposed scheme in blocking attack traffic and allowing most of the legitimate traffic at upstream routers.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Beitollahi, H., Deconinck, G.: Analyzing well known countermeasures against distributed denial of service attacks. Comput. Commun. 35(11), 1312–1332 (2012)

    Article  Google Scholar 

  2. Cabrera, J.B.D., Lewis, L.M., Qin, X.Z., Lee, W., Mehra, R.K.: Proactive intrusion detection and distributed denial of service attacks - a case study in security management. J. Netw. Syst. Manage. 10(2), 225–254 (2002)

    Article  Google Scholar 

  3. Cheng, J., Yin, J., Liu, Y., Cai, Z., Wu, C.: DDoS attack detection using IP address feature interaction. In: Proceedings of 1st International Conference Intelligent Networking and Collaborative Systems, pp. 113–118 (2009)

    Google Scholar 

  4. Jung, J., Krishnamurthy, B., Rabinovich, M.: Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites. In: Proceedings of 11th World Wide Web conference, Honolulu, Hawaii (2002)

    Google Scholar 

  5. Lakhina, A., Crovella, M., Diot, C.: Diagnosing network-wide traffic anomalies. In: Proceedings of 2004 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, Portland, Oregon, USA (2004)

    Google Scholar 

  6. Lee, K., Kim, J., Kwon, K.H., Han, Y., Kim, S.: DDoS attack detection method using cluster analysis. Expert Syst. Appl. 34, 1659–1665 (2007)

    Article  Google Scholar 

  7. Manikopoulos, C., Papavassiliou, S.: Network intrusion and fault detection: a statistical anomaly approach. IEEE Commun. Mag. 40(10), 76–82 (2002)

    Article  Google Scholar 

  8. Mitzenmacher, M.: Compressed bloom filters. In: Proceedings of the 20th Annual ACM Symposium on Principles of Distributed Computing, Newport, Rhode Island, pp. 144–150 (2001)

    Google Scholar 

  9. Noh, S., Jung, G., Choi, K., Lee, C.: Compiling network traffic into rules using soft computing methods for the detection of flooding attacks. J. Appl. Soft Comput. 8(3), 1200–1210 (2008)

    Article  Google Scholar 

  10. Peng, T., Leckie, C., Ramamohanarao, K.: Protection from distributed denial of service attack using history-based IP filtering. In: Proceedings of IEEE International Conference on Communications, Anchorage, Alaska, pp. 482–486 (2003)

    Google Scholar 

  11. Peng, T., Leckie, C., Ramamohanarao, K.: Proactively detecting distributed denial of service attacks using source ip address monitoring. In: Mitrou, N.M., Kontovasilis, K., Rouskas, G.N., Iliadis, I., Merakos, L. (eds.) NETWORKING 2004. LNCS, vol. 3042, pp. 771–782. Springer, Heidelberg (2004)

    Google Scholar 

  12. Peng, T., Leckie, C., Ramamohanarao, K.: Survey of network-based defense mechanisms countering the DoS and DDoS problems. ACM Comput. Surv. 39(1), 1–42 (2007)

    Article  Google Scholar 

  13. RioRey, Inc.: 2009–2012, RioRey Taxonomy of DDoSAttacks, RioRey_Taxonomy_Rev_2.3_2012 (2012). http://www.riorey.com/x-resources/2012/RioRey_Taxonomy_DDoS_Attacks2012.eps

  14. Waikato Applied Network Dynamics Research Group. Auckland university data traces. http://wand.cs.waikato.ac.nz/wand/wits/

  15. http://www.darkreading.com/attacks-and-breaches/ddos-attack-hits-400-gbit-s-breaks-record/d/d-id/1113787

Download references

Author information

Authors and Affiliations

  1. Department of Electrical and Computer Engineering, Colorado State University, Fort Collins, CO, 80523, USA

    Negar Mosharraf & Anura P. Jayasumana

  2. Department of Computer Science, Colorado State University, Fort Collins, CO, 80523, USA

    Negar Mosharraf, Anura P. Jayasumana & Indrakshi Ray

Authors
  1. Negar Mosharraf
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anura P. Jayasumana
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Indrakshi Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Negar Mosharraf or Indrakshi Ray .

Editor information

Editors and Affiliations

  1. TELECOM Bretagne, Cesson Sévigné, France

    Frédéric Cuppens

  2. TELECOM SudParis, Evry, France

    Joaquin Garcia-Alfaro

  3. Dalhousie University, Halifax, Nova Scotia, Canada

    Nur Zincir Heywood

  4. University of Calgary, Calgary, Canada

    Philip W. L. Fong

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Mosharraf, N., Jayasumana, A.P., Ray, I. (2015). A Responsive Defense Mechanism Against DDoS Attacks. In: Cuppens, F., Garcia-Alfaro, J., Zincir Heywood, N., Fong, P. (eds) Foundations and Practice of Security. FPS 2014. Lecture Notes in Computer Science(), vol 8930. Springer, Cham. https://doi.org/10.1007/978-3-319-17040-4_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-17040-4_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-17039-8

  • Online ISBN: 978-3-319-17040-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation