Title :
A Distributed and Coordinated Massive DDOS Attack Detection and Response Approach
Author :
Aroua, Mohamed Karim ; Zouari, Belhassen
Author_Institution :
LIP2 Lab., Univ. El Manar, Tunis, Tunisia
Abstract :
Nowadays, Distributed Denial of Service (DDoS) attacks on networked enterprise systems are a well-known problem. Many papers have dealt with this type of attack. Recently, DDoS attacks that target large cyberspaces, such as national cyberspaces, have become a hot topic. We start from an existing architecture called the Saher Architecture. Saher is used to detect attacks threatening the Tunisian national cyberspace. We improve this architecture and propose an approach in which the probes of the Internet Service Providers execute a consensus algorithm in order to detect and react to massive DDoS attacks in a coordinated fashion and under Byzantine assumptions. Different levels of alerts are proposed, and the reaction mechanisms depend on the type of the attack. The final outcome of this research is a framework that affords the necessary mechanisms allowing a national cyberspace to counter massive DDoS attacks by coordinating Internet Service Providers' efforts to detect and respond to the attacks.
Keywords :
Internet; computer network security; security of data; Byzantine assumptions; ISP; Internet service providers; Saher Architecture; Tunisian National cyberspace; consensus algorithm; coordinated massive DDOS attack detection; distributed denial of service; distributed massive DDOS attack detection; national cyberspaces; networked enterprise systems; Computer crime; Cyberspace; Limiting; Probes; Proposals; Sensors; Vectors; Alert correlation; Attack response; DDos Attacks; Intrusion Detection; consensus algorithm;
Conference_Title :
Computer Software and Applications Conference Workshops (COMPSACW), 2012 IEEE 36th Annual
Conference_Location :
Izmir
Print_ISBN :
978-1-4673-2714-5
Electronic_ISBN :
978-0-7695-4758-9
DOI :
10.1109/COMPSACW.2012.50