Title :
Active ingress monitoring (AIM): an intrusion isolation scheme in active networks
Author :
Kim, Gitae ; Bogovic, Tony
Author_Institution :
Telcordia Technol. Inc., Morristown, NJ, USA
Abstract :
Denial of Service (DoS) attacks have proven to be a challenging issue for the Internet community. We present a novel approach, active ingress monitoring (AIM), to effectively isolate DoS attacks that use randomly forged source IP addresses. Unlike the existing approaches, AIM reduces the computational overloads by executing the monitoring and filtering operations on selected packet streams only when needed. In addition, our scheme does not require complicated requirements or mandatory participation from every individual network in the Internet. AIM is based on the active networks environment and operates in the network layer based on passive traffic monitoring
Keywords :
Internet; monitoring; security of data; telecommunication security; telecommunication traffic; transport protocols; Internet; active ingress monitoring; active networks; active routers; computational overload reduction; denial of service attacks; filtering operations; intrusion isolation; monitoring operations; network layer; packet streams; passive traffic monitoring; programmable network; randomly forged source IP address; Computer crime; Data security; IP networks; Information filtering; Information filters; Intelligent networks; Monitoring; Telecommunication traffic; Unicast; Web and internet services;
Conference_Titel :
Communications, 2001. ICC 2001. IEEE International Conference on
Conference_Location :
Helsinki
Print_ISBN :
0-7803-7097-1
DOI :
10.1109/ICC.2001.936302
