DOI: 10.1145/1167253.1167293

A stochastic estimator/detector for mitigating denial of service attacks

Published: 18 March 2005

Abstract

In this paper, the author defines an efficient formulation of a bad packet detector. This formulation specifies automated software which can update the firewall filter in real time to mitigate a distributed denial of service attack. This is particularly useful in the worst-case scenario, when it is not practical to trace the IP addresses or port numbers or to notify Internet Service Providers (ISPs). The author assumes that attackers can't be stopped in the near term and that the server must remain online to accept legitimate packets and provide needed services.


Published In

ACMSE '05 vol 2: Proceedings of the 43rd annual ACM Southeast Conference - Volume 2
March 2005
430 pages
ISBN:1595930590
DOI:10.1145/1167253

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. IP address spoofing
  2. autocorrelation function
  3. automatic ingress filtering
  4. master computer
  5. packet flooding
  6. packet sniffer
  7. slave computer
  8. zombie process

Qualifiers

  • Article

Conference

ACM SE05
ACM SE05: ACM Southeast Regional Conference 2005
March 18 - 20, 2005
Georgia, Kennesaw

Acceptance Rates

Overall Acceptance Rate 502 of 1,023 submissions, 49%

Article Metrics

  • Total Citations: 0
  • Total Downloads: 324
  • Downloads (Last 12 months): 0
  • Downloads (Last 6 weeks): 0

Reflects downloads up to 20 Jan 2025
