Skip to main content
SpringerLink
Log in

Automated Immunization Against Denial-of-Service Attacks Featuring Stochastic Packet Inspection

  • Conference paper
Book cover Grid and Cooperative Computing - GCC 2005 (GCC 2005)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 3795))

Included in the following conference series:

  • 467 Accesses

Abstract

Denial of Service attacks are easy to implement, difficult to trace, and inflict serious damage on target networks in a short amount of time. This model eliminates attack packets from a router using probability packet inspection as an automated defense against DoS. The detection module begins with an initial probability for inspecting packets. As an attack commences and the occupied bandwidth of the channel increases, the detection module optimizes the inspection probability.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Moore, D., Voelker, G., Savage, S.: Inferring Internet Denial-of-Service Activity (February 2001)

    Google Scholar 

  2. Lan., F., Rubin, S.H., Smith, M.H., Trajovic, L.: Distributed Denial of Service Attacks. IEEE International Conference on System, Man, and Cybernetics (2000)

    Google Scholar 

  3. Gibson, S.: DRDoS (February 2002), http://grc.com/doc/drdos/htm

  4. Axelsson, S.: Intrusion detection systems: A survey and taxonomy., Technicalreport, De-part. Of Computer Engineering, Chalmers University (2000)

    Google Scholar 

  5. Peng, T., Leckie, C., Ramamohanarao, K.: Detecting Distributed Denial of Service Attack Using Source IP Address Monitoring

    Google Scholar 

  6. Goodrich, M.T.: Efficient Packet Masking for Large-Scale IP Traceback. In: CCS 2002 (November 2002)

    Google Scholar 

  7. Bellovin, S., Taylor, T.: ICMP Traceback Message, RFC 2026, Internet Engineering Task Force (2003)

    Google Scholar 

  8. Ferguson, P., Senie, D.: Em Network ingress filtering: Defeating denial of service at-tacks which employ ip source address spoofing. In: RFC 2827 (2001)

    Google Scholar 

  9. Cho, K., Kaizaki, R., Kato, A.: An Aggregation Technique for Traf.c Monitoring. In: IEEE Proceedings of the 2002 Symposium on Applications and the Internet (2002)

    Google Scholar 

  10. Jin, C., Wang, H., Shin, K.G.: Hop-Count Filtering: An Effective Defense Against Spoofed DDoS Traffic. In: CCS 2003 (October 2003)

    Google Scholar 

  11. Yih Huang, J., Pullen, M.: Countering Denial-of-Service Attacks Using Congestion Trig-gered Packet Sampling and Filtering (2001)

    Google Scholar 

  12. Sangpachatanaruk, C., Khattab, S.M., Znati, T., Melhem, R., Moss, D.: A Simulation Study of the Proactive Server Roaming for Mitigating Denial of Service Attacks (2002)

    Google Scholar 

  13. Mukkamala, S., Janoski, G., Sung, A.H.: Intrusion Detection Using Neural Network and Support Vector Machine. IEEE, Los Alamitos (2002)

    Google Scholar 

  14. Mukkamala, S., Sung, A.H., Abraham, A.: Intrusion Detection Using Ensemble of Soft Computing Paradigms (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Information Security Technologies (CIST), Korea University,  

    Jongho Kim, Jaeik Cho & Jongsub Moon

Authors
  1. Jongho Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jaeik Cho
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jongsub Moon
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. China Knowledge Grid Research Group, Key Lab of Intelligent Information Processing, Institute of Computing Technology, Chinese Academy of Sciences, 100080, Beijing, China

    Hai Zhuge

  2. Community Grids Lab, Indiana University Bloomington,  

    Geoffrey C. Fox

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, J., Cho, J., Moon, J. (2005). Automated Immunization Against Denial-of-Service Attacks Featuring Stochastic Packet Inspection. In: Zhuge, H., Fox, G.C. (eds) Grid and Cooperative Computing - GCC 2005. GCC 2005. Lecture Notes in Computer Science, vol 3795. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11590354_4

Download citation

  • DOI: https://doi.org/10.1007/11590354_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30510-1

  • Online ISBN: 978-3-540-32277-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation