Abstract
In this paper, A NCSA (Null Calls Stream Attack) attack that can happen in ATM control plane is pointed out. After analyzing its characteristics, a riskcost-based solution — double-threshold dynamic filter — is brought forward. The analytical expression and algorithm of the threshold setting are also given. By implementing the algorithm on ATM access equipments, the NCSA attack can be blocked effectively. Finally, the solution is validated in a simulated environment.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35515-3_53
Chapter PDF
Similar content being viewed by others
Reference
CERT Advisory CA-96.21 *. TCP SYN Flooding and IP Spoofing Attacks (revised), http://www.cert.org/, 1998.8.
CERT Advisory CA-96.21. TCP SYN Flooding and IP Spoofing Attacks, 1996.9.
P. Ferguson. Network Ingress Filtering: Defeating Denial-of-service Attacks which employ IP Source Address Spoofing, RFC2267. 1998. 1.
Anderson, D. et al.: SAFEGUARD FINAL REPORT - Detecting unusual behaviour using the NIDES statistical component, SRI International, 1993.
Anderson, D., Frivold, T. and Valdes A. Next Generation Intrusion Detection Expert-System (NIDES) - A Summary, Technical Report SRI-CSL-95–07, SRI International, 1995.
Anderson, D. et al.: Detecting Unusual Program Behaviour Using the Statistical Component of NIDES, Technical Report SRI-CSL-95–06, SRI International, 1995.
The ATM Forum Technical Committee: “User-Network Interface (UNI) Specification, Version 3.1”.
Thou Gairong. Probability and Statistic. Advanced Education Publisher. 1984. 3.
Haizhi Xu, et.al.: A D&C Mechanism to Solve the PNNI Topology Information Conflicting Problem, accepted for presentation at the SEC2000 conference of the WCC2000 conference, Beijing, 2000. 8.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 IFIP International Federation for Information Processing
About this paper
Cite this paper
Xu, H., Cui, C., Lin, Y., Luo, T., Dong, Z. (2000). Defending Against Null Calls Stream Attacks by Using a Double-Threshold Dynamic Filter. In: Qing, S., Eloff, J.H.P. (eds) Information Security for Global Information Infrastructures. SEC 2000. IFIP — The International Federation for Information Processing, vol 47. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35515-3_27
Download citation
DOI: https://doi.org/10.1007/978-0-387-35515-3_27
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5479-7
Online ISBN: 978-0-387-35515-3
eBook Packages: Springer Book Archive