DocumentCode
2972866
Title
You can run, but you can´t hide: an effective methodology to traceback DDoS attackers
Author
Law, K.T. ; Lui, John C S ; Yau, David K Y
Author_Institution
Dept. of Comput. Sci. & Eng., Chinese Univ. of Hong Kong, China
fYear
2002
fDate
2002
Firstpage
433
Lastpage
440
Abstract
With the increase of sophistication and severity of DDoS (distributed denial of service) attack, it is important for a victim site to quickly identify the potential attackers and eliminate their traffic. Our work is based on the probabilistic marking algorithm by Savage et al. (2000) in which an attack graph can be constructed by a victim site. We extend the concept further such that we can deduce the local traffic rate of each router in the attack graph based on the received marked packets. Given the intensities of these local traffic rates, we can eliminate these attackers from sending high volumes of traffic to a victim site. More importantly, we propose a theoretical method to determine the minimum stable time tmin, which is the minimum time it takes to accurately determine the local traffic rate of every participating router in the attack graph.
Keywords
Internet; graph theory; telecommunication network routing; telecommunication security; telecommunication traffic; DDoS attackers; attack graph; distributed denial of service; local traffic rate; minimum stable time; potential attackers; probabilistic marking algorithm; received marked packets; victim site; Computer crime; Computer science; Frequency; IP networks; Information filtering; Information filters; Large-scale systems; Pressing; Telecommunication computing; Web and internet services;
fLanguage
English
Publisher
ieee
Conference_Titel
Modeling, Analysis and Simulation of Computer and Telecommunications Systems, 2002. MASCOTS 2002. Proceedings. 10th IEEE International Symposium on
ISSN
1526-7539
Print_ISBN
0-7695-1840-0
Type
conf
DOI
10.1109/MASCOT.2002.1167105
Filename
1167105
Link To Document