A Dynamic Countermeasure Method for Large-Scale Network Attacks

Author

Liu, Zhaoyu ; Uppala, Roopesh

Author_Institution

Dept. of Software & Inf. Syst., North Carolina Univ., Charlotte, NC

fYear

2006

fDate

Sept. 29 2006-Oct. 1 2006

Firstpage

163

Lastpage

170

Abstract

Increased sophistication of present day worms leading to large scale denial of service attacks on vital installations has been a source of concern. Intrusion detection systems and intrusion prevention systems provide a limited solution to a concurrent problem. Proactive preemptive techniques employed by intrusion prevention systems are more effective than the reactive techniques employed by intrusion detection systems. However these techniques are not adequate to counter a large scale distributed denial of service attacks. In this paper, we propose a countermeasure which uses dynamic agents to mitigate denial of service attacks. These dynamics agents are called Gnipper vaccine. Gnipper vaccine provides an effective technique capable of providing an enterprise-wide response. Gnipper vaccine is an agent which resides on the host computer capable of dropping any malicious packets. The vaccine propagates one hop at a time towards the source of the attacker

Keywords

computer crime; invasive software; multi-agent systems; telecommunication security; Gnipper vaccine; denial of service attacks; dynamic agents; intrusion detection systems; intrusion prevention systems; large-scale network attacks; worms; Computer crime; Computer worms; Counting circuits; Information systems; Intrusion detection; Large-scale systems; Network servers; Robustness; Software systems; Vaccines;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable, Autonomic and Secure Computing, 2nd IEEE International Symposium on

Conference_Location

Indianapolis, IN

Print_ISBN

0-7695-2539-3

Type

conf

DOI

10.1109/DASC.2006.6

Filename

4030879