Title :
A Framework for a Collaborative DDoS Defense
Author :
Oikonomou, George ; Mirkovic, Jelena ; Reiher, Peter ; Robinson, Max
Author_Institution :
Delaware Univ., Newark, DE
Abstract :
Increasing use of the Internet for critical services makes flooding distributed denial-of-service (DDoS) a top security threat. A distributed nature of DDoS suggests that a distributed mechanism is necessary for a successful defense. Three main DDoS defense functionalities - attack detection, rate limiting and traffic differentiation - are most effective when performed at the victim-end, core and source-end respectively. Many existing systems are successful in one aspect of defense, but none offers a comprehensive solution and none has seen a wide deployment. We propose to harvest the strengths of existing defenses by organizing them into a collaborative overlay, called DefCOM, and augmenting them with communication and collaboration functionalities. Nodes collaborate during the attack to spread alerts and protect legitimate traffic, while rate limiting the attack. DefCOM can accommodate existing defenses, provide synergistic response to attacks and naturally lead to an Internet-wide response to DDoS threat
Keywords :
Internet; security of data; DDoS threat; DefCOM; Internet; attack detection; collaborative DDoS defense; collaborative overlay; critical services; distributed denial-of-service; legitimate traffic protection; rate limiting; security threat; traffic differentiation; Collaboration; Collaborative work; Computer crime; Floods; Organizing; Protection; Prototypes; Security; Telecommunication traffic; Web and internet services;
Conference_Titel :
Computer Security Applications Conference, 2006. ACSAC '06. 22nd Annual
Conference_Location :
Miami Beach, FL
Print_ISBN :
0-7695-2716-7
DOI :
10.1109/ACSAC.2006.5
