E-CAP: An Extended Capability Based Mechanism to Limit Distributed Denial of Service Attacks

Author

Singh, Rajeev ; Das, Suman ; Toshniwal, Durga ; Mishra, Manoj ; Joshi, R.C.

Author_Institution

Dept. of Electron. & Comput. Eng., I.I.T. Roorkee, Roorkee

fYear

2008

fDate

16-18 July 2008

Firstpage

1244

Lastpage

1249

Abstract

Traffic Validation Architecture (TVA) is a capability based network architecture that tries to limit Distributed Denial of Service Attacks (DDoS). It considers only the victimpsilas approval in the capability granting process. We propose an extension to the approach by involving two new parameters, the bottleneck linkpsilas status and message type, in the capability granting mechanism. Both these parameters are considered at the router after the destination has granted capability to send, to the source. Source is allowed to send the data only if the reply to its request containing capability information is bypassed by the router. The inclusion of parameters at the router helps in removing congestion at the bottleneck link and reduces the effect of colluders. The proposed mechanism utilizes the TVA Architecture

Keywords

Internet; telecommunication network routing; telecommunication security; telecommunication traffic; Internet infrastructure; bottleneck link; capability granting mechanism; distributed denial of service attack; extended capability based mechanism; telecommunication network routing; traffic validation architecture; Authorization; Bandwidth; Communication system traffic control; Computer architecture; Computer crime; Filtering; Filters; Internet; Telecommunication traffic; Traffic control; Capability; DDoS; Security; TVA;

fLanguage

English

Publisher

ieee

Conference_Titel

Emerging Trends in Engineering and Technology, 2008. ICETET '08. First International Conference on

Conference_Location

Nagpur, Maharashtra

Print_ISBN

978-0-7695-3267-7

Electronic_ISBN

978-0-7695-3267-7

Type

conf

DOI

10.1109/ICETET.2008.201

Filename

4580095