DocumentCode
2654272
Title
Optimal Placement of Detection Nodes against Distributed Denial of Service Attack
Author
Islam, Muhammad Hasan ; Nadeem, Kamran ; Khan, Shoab A.
Author_Institution
Center for Adv. Studies in Eng., Islamabad
fYear
2009
fDate
22-24 Jan. 2009
Firstpage
675
Lastpage
679
Abstract
Distributed denial of service (DDoS) attacks have become a major threat to organizations and especially to Internet and intranet. In DDoS attacks targets are overwhelmed by sending an enormous amount of traffic from a number of attack sites. The major tasks of any defense system are to detect these attacks accurately and early on, before it causes an unrecoverable loss. Most of the research in this regard has been focused on the detection techniques without exploiting spatial placement of detection system in a network. The ideal way to completely eliminate the DDoS threat is to run detection mechanism on every node in the network, which is not a practical solution. In this paper, we focus on the optimized placement of detection nodes in a network for distributed detection of DDoS attacks, which not only minimize the number of these node required but also reduce the cost, processing overheads and larger delays in identifying an attack. We examine the placement problem of finding a minimum cardinality set of nodes to detect DDoS attacks such that no attack traffic can reach the target without being monitored by these sensors. The placement problem is formulated as set packing.
Keywords
Internet; security of data; telecommunication traffic; Internet; detection nodes; distributed denial of service attack; minimum cardinality set; optimal placement; run detection mechanism; Communication system traffic control; Computer crime; Computer networks; Condition monitoring; Costs; Distributed computing; Floods; Network topology; Optimal control; Telecommunication traffic;
fLanguage
English
Publisher
ieee
Conference_Titel
Advanced Computer Control, 2009. ICACC '09. International Conference on
Conference_Location
Singapore
Print_ISBN
978-1-4244-3330-8
Type
conf
DOI
10.1109/ICACC.2009.114
Filename
4777428
Link To Document