Title :
You can run, but you can´t hide: an effective methodology to traceback DDoS attackers
Author :
Law, K.T. ; Lui, John C S ; Yau, David K Y
Author_Institution :
Dept. of Comput. Sci. & Eng., Chinese Univ. of Hong Kong, China
Abstract :
With the increase of sophistication and severity of DDoS (distributed denial of service) attack, it is important for a victim site to quickly identify the potential attackers and eliminate their traffic. Our work is based on the probabilistic marking algorithm by Savage et al. (2000) in which an attack graph can be constructed by a victim site. We extend the concept further such that we can deduce the local traffic rate of each router in the attack graph based on the received marked packets. Given the intensities of these local traffic rates, we can eliminate these attackers from sending high volumes of traffic to a victim site. More importantly, we propose a theoretical method to determine the minimum stable time tmin, which is the minimum time it takes to accurately determine the local traffic rate of every participating router in the attack graph.
Keywords :
Internet; graph theory; telecommunication network routing; telecommunication security; telecommunication traffic; DDoS attackers; attack graph; distributed denial of service; local traffic rate; minimum stable time; potential attackers; probabilistic marking algorithm; received marked packets; victim site; Computer crime; Computer science; Frequency; IP networks; Information filtering; Information filters; Large-scale systems; Pressing; Telecommunication computing; Web and internet services;
Conference_Titel :
Modeling, Analysis and Simulation of Computer and Telecommunications Systems, 2002. MASCOTS 2002. Proceedings. 10th IEEE International Symposium on
Print_ISBN :
0-7695-1840-0
DOI :
10.1109/MASCOT.2002.1167105
