Title :
An Aggregative Approach for Scalable Detection of DoS Attacks
Author :
Hamidi, Alireza ; Ganti, Sudhakar ; Wu, Kui
Author_Institution :
Dept. of Comput. Sci., Univ. of Victoria, Victoria, BC
Abstract :
In Voice Over IP (VoIP) systems, intruders can launch DoS attacks by establishing a large number of open connections to prevent the system from serving legitimate users. Existing defenses against DoS attacks on VoIP systems maintain full state information and thus are not scalable to implement at core routers. To this end, we adopt a two-layer aggregation scheme, termed Advanced Partial Completion Filters (APCF), to defend against DoS attacks without tracking state information of each individual connection. APCF provides adjustable control parameters so that both false alarms and detection rate can be controlled.
Keywords :
Internet telephony; security of data; telecommunication security; VoIP; advanced partial completion filters; scalable DoS attack detection; two-layer aggregation scheme; voice-over-IP system; Aggregates; Communication system control; Computer crime; Computer science; Counting circuits; Filters; Internet telephony; Maintenance; TCPIP; Working environment noise;
Conference_Titel :
Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE
Conference_Location :
New Orleans, LO
Print_ISBN :
978-1-4244-2324-8
DOI :
10.1109/GLOCOM.2008.ECP.392
