Traffic Engineering Based Attack Detection in Active Networks

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 5408)

Abstract

Distributed denial-of-service attacks are serious candidates for traffic analysis, next to traffic performance evaluation. As these threats rapidly deplete network resources, particularly link parameters, modeling these attacks provides a strong base for analyzing the attack characteristics. The solution domain uses active networks for implementation, as they support active routers, which can perform customized tasks on demand, and ease of deployment. The paper presents a model based on packet attributes to characterize the attack traffic, and a detection and response framework based on the model. The detection mechanism uses leaky buckets to rate-limit the traffic based on packet ranking using linear arithmetic. The simulation results, depicting the attack traffic passed through the network as well as the legitimate traffic dropped at the active routers under different attack scenarios, are found to be comparable to existing solutions, with improved efficiency in detection rate and time.

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

Cite this paper

Padmanabhan, J., Easwarakumar, K.S. (2008). Traffic Engineering Based Attack Detection in Active Networks. In: Garg, V., Wattenhofer, R., Kothapalli, K. (eds) Distributed Computing and Networking. ICDCN 2009. Lecture Notes in Computer Science, vol 5408. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-92295-7_22

  • DOI: https://doi.org/10.1007/978-3-540-92295-7_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-92294-0

  • Online ISBN: 978-3-540-92295-7

  • eBook Packages: Computer Science, Computer Science (R0)
