Skip to main content
SpringerLink
Log in

Detection and Identification Mechanism against Spoofed Traffic Using Distributed Agents

  • Conference paper
Computational Science and Its Applications – ICCSA 2004 (ICCSA 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3043))

Included in the following conference series:

Abstract

Recently, as the serious damage caused by spoofed traffic like DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not provide effective defense against these attacks, and cannot especially identify the origin generating the spoofed traffic. In this paper, we describe a simple and practical solution that supports the immediate detection and identification for spoofing attack agent. Proposed agent needs only one per a router, and the modification of legacy routers is not required. So, if agents as many as routers are distributed, they can perfectly detect the spoofed traffic generated on themselves network, and directly identify the attack agent, regardless of spoofing level. We implement the proposed mechanism, experiment with strong DDoS tool on the real network, and confirm the effectiveness of our design.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 74.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ferguson, P., Senie, D.: Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. IETF RFC2827 (May 2000)

    Google Scholar 

  2. Flanagan, H.L.: Egress filtering – keeping the Internet safe from your systems, http://www.giac.org/practical/gsec/Heather_Flanagan_GSEC.pdf

  3. Park, K., Lee, H.: On the Effectiveness of Route-Based Packet Filtering for Distributed DoS Attack Prevention in Power-Law Internets. In: Proc. of ACM SGOMM, pp. 15–26 (2001)

    Google Scholar 

  4. Li, J., Mirkovic, J., Wang, M., Reiher, P., Zhang, L.: SAVE: Source Address Validity Enforcement Protocol. In: IEEE Infocom (2002)

    Google Scholar 

  5. Jin, C., Wang, H., Shin, K.G.: Hop-Count Filtering: An Effective Defense Against Spoofed Traffic. In: Proc. of the 10th ACM Conference on Computer and Communication Security (2003)

    Google Scholar 

  6. Peng, T., Leckie, C., Kotagiri, R.: Protection from Distributed Denial of Service Attacks Using History-based IP Filtering. In: ICC 2003 (2003)

    Google Scholar 

  7. Cabrera, J.B.D., Lewis, L., Qin, X., Lee, W., Prasanth, R.K., Ravichandran, B., Mehra, R.K.: Proactive Detection of Distributed Denial of Service Attacks using MIB Traffic Variables – A Feasibility Study. In: Proc. of the 7th IEEE/IFIP International Symposium on Integrated Network Management (May 2001)

    Google Scholar 

  8. Lipson, H.F.: Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues, SPECIAL REPORT CMU/SEI-2002-SR-009 (November 2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Ewha Womans University, Korea

    Mihui Kim & Kijoon Chae

Authors
  1. Mihui Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kijoon Chae
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Chemistry, University of Perugia, Via Elce di Sotto, 8, I-06123, Perugia, Italy

    Antonio Laganá

  2. Department of Computer Science, University of Calgary, 2500 University Drive N.W., T2N 1N4, Calgary, AB, Canada

    Marina L. Gavrilova

  3. William Norris Professor, Head of the Computer Science and Engineering Department, University of Minnesota, USA

    Vipin Kumar

  4. School of Computing, Soongsil University, Seoul, Korea

    Youngsong Mun

  5. OptimaNumerics Ltd., Cathedral House, 23-31 Waring Street, BT1 2DX, Belfast, UK

    C. J. Kenneth Tan

  6. Department of Mathematics and Computer Science, University of Perugia, via Vanvitelli, 1, I-06123, Perugia, Italy

    Osvaldo Gervasi

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, M., Chae, K. (2004). Detection and Identification Mechanism against Spoofed Traffic Using Distributed Agents. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24707-4_79

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24707-4_79

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22054-1

  • Online ISBN: 978-3-540-24707-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation