Advertisement

Super-Router: A Collaborative Filtering Technique Against DDoS Attacks

  • Akshat GauravEmail author
  • Awadhesh Kumar Singh
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 712)

Abstract

DDoS attack is one of the well known cyber attacks of Internet era, which affects on the availability of the network. In 1999, though Computer Incident Advisory Capability (CIAC) reports the first ever DDoS attack, but first major DDoS attack was recorded in year 2000 on some of the big websites e.g., Yahoo, Amazon, CNN, eBay etc. due to which their services went offline for few hours and huge amount of revenue losses were recorded. Since then DDoS attacks become favourite attacks of antagonists. There are so many different defense techniques available to detect and filter malicious traffic, but none of these methods could adequately filter out the malicious traffic. In this context, this paper proposed a new filtering scheme, Super-router, which uses collaborative filtering technique to filter malicious traffic. More specifically, Super-router uses unicast method of communication between filters which reduces the communication overheads and response time of individual filters. This makes Super-router an effective defense against DDoS attacks for high speed networks.

Keywords

DDoS attack Super-router method TCP-SYN attack SQL slammer attack NTP attack 

References

  1. 1.
    Mirkovic, J., Reiher, P.: A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Comput. Commun. Rev. 34(2), 39–53 (2004). doi: 10.1145/997150.997156 CrossRefGoogle Scholar
  2. 2.
    Douligeris, C., Mitrokotsa, A.: DDoS attacks and defense mechanisms: classification and state-of-the-art. Comput. Netw. 44(5), 643–666 (2004). doi: 10.1016/j.comnet.2003.10.003 CrossRefGoogle Scholar
  3. 3.
    Q2 State of Internet Security Report. http://www.akamai.com
  4. 4.
    Dittrich, D.: The DoS project’s “trinoo” distributed denial of service attack tool. University of Washington (1999). http://staff.washington.edu/dittrich/misc/trinoo.analysis.txt
  5. 5.
    Dittrich, D.: The tribe flood network distributed denial of service attack tool. University of Washington (2002)Google Scholar
  6. 6.
    Barlow, J., Thrower, W.: TFN2K an analysis (2000). http://security.royans.net/info/posts/bugtraq_ddos2.shtml
  7. 7.
    Dittrich, D., Weaver, G., Dietrich, S., Long, N.: The “mstream” distributed denial of service attack tool (2000). http://staff.washington.edu/dittrich/misc/mstream.analysis.txt3
  8. 8.
    Gupta, B.B., Joshi, R.C., Misra, M.: Distributed denial of service prevention techniques. Int. J. Comput. Electr. Eng. IJCEE 2(2), 268–276 (2012). arXiv preprint arXiv:1208.3557 (2010)Google Scholar
  9. 9.
    Weiler, N.: Honeypots for distributed denial-of-service attacks. In: Proceedings of the 11th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE, pp. 109–114 (2002). doi: 10.1109/ENABL.2002.1029997
  10. 10.
    Bhavani, Y., Reddy, P.N.: An efficient IP traceback through packet marking algorithm. Int. J. Netw. Secur. Appl. IJNSA 2, 132–142 (2010)Google Scholar
  11. 11.
    Kalkan, K., Alagz, F.: A distributed filtering mechanism against DDoS attacks: ScoreForCore. Comput. Netw. 108, 199–209 (2016). doi: 10.1016/j.comnet.2016.08.023 CrossRefGoogle Scholar
  12. 12.
    Jin, C., Wang, H., Shin, K.G.: Hop-count filtering: an effective defense against spoofed DDoS attracks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 30–41 (2003). doi: 10.1145/948109.948116.
  13. 13.
    Mahajan, R., Bellovin, S.M., Floyd, S., Ioannidis, J., Paxson, V., Shenker, S.: Controlling high bandwidth aggregates in the network. ACM SIGCOMM Comput. Commun. Rev. 32(3), 62–73 (2002). doi: 10.1145/571697.571724 CrossRefGoogle Scholar
  14. 14.
    Argyraki, K.J., Cheriton, D.R.: Active internet traffic filtering: real-time response to denial-of-service attacks. In: USENIX Annual Technical Conference, General track, pp. 135–148 (2005)Google Scholar
  15. 15.
    Seo, D., Lee, H., Perrig, A.: PFS: probabilistic filter scheduling against distributed denial-of-service attacks. In: 36th Conference on Local Computer Networks (LCN), pp. 9–17. IEEE (2011). doi: 10.1109/LCN.2011.6114645
  16. 16.
    Ferguson, P.: Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing (2000)Google Scholar
  17. 17.
    Park, K., Lee, H.: On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets. ACM SIGCOMM Comput. Commun. Rev. 31(4), 15–26 (2001). doi: 10.1145/964723.383061 CrossRefGoogle Scholar
  18. 18.
    Kim, Y., Lau, Y.C., Chuah, M.C., Chao, H.J.: PacketScore: a statistics-based packet filtering scheme against distributed denial-of-service attacks. IEEE Trans. Dependable Secure Comput. 3(2), 141–155 (2006). doi: 10.1109/TDSC.2006.25 CrossRefGoogle Scholar
  19. 19.
    Franois, J., Aib, I., Boutaba, R.: FireCol: a collaborative protection network for the detection of flooding DDoS attacks. IEEE/ACM Trans. Netw. (TON) 20(6), 1828–1841 (2012). doi: 10.1109/TNET.2012.2194508 CrossRefGoogle Scholar
  20. 20.
    Kasera, S., Pinheiro, J., Loader, C., Karaul, M., Hari, A., LaPorta, T.: Fast and robust signaling overload control. In: 9th International Conference on Network Protocols, pp. 323–331 (2001). doi: 10.1109/ICNP.2001.992913
  21. 21.
  22. 22.
    Kaur, R., Sangal, A.L., Kumar, K.: Modeling and simulation of DDoS attack using Omnet++. In: International Conference on Signal Processing and Integrated Networks (SPIN), pp. 220–225 (2014). doi: 10.1109/SPIN.2014.6776951

Copyright information

© Springer Nature Singapore Pte Ltd. 2017

Authors and Affiliations

  1. 1.Department of Computer EngineeringNational Institute of TechnologyKurushatraIndia

Personalised recommendations