Title :
Bayes Optimal DDoS Mitigation by Adaptive History-Based IP Filtering
Author :
Goldstein, Markus ; Lampert, Christoph ; Reif, Matthias ; Stahl, Armin ; Breuel, Thomas
Author_Institution :
Res. Group Image Understanding & Pattern Recognition, German Res. Center for Artificial Intell. DFKI GmbH, Kaiserslautern
Abstract :
Distributed denial of service (DDoS) attacks are today the most destabilizing factor in the global internet and there is a strong need for sophisticated solutions. We introduce a formal statistical framework and derive a Bayes optimal packet classifier from it. Our proposed practical algorithm "adaptive history-based IP filtering" (AHIF) mitigates DDoS attacks near the victim and outperforms existing methods by at least 32% in terms of collateral damage. Furthermore, it adjusts to the strength of an ongoing attack and ensures availability of the attacked server. In contrast to other adaptive solutions, firewall rulesets used to resist an attack can be precalculated before an attack takes place. This ensures an immediate response in a DDoS emergency. For evaluation, simulated DDoS attacks and two real-world user traffic datasets are used.
Keywords :
Bayes methods; IP networks; Internet; information filtering; security of data; Bayes optimal DDoS mitigation; Bayes optimal packet classifier; adaptive history-based IP filtering; attacked server; distributed denial of service attacks; firewall rulesets; formal statistical framework; global Internet; Adaptive filters; Computer crime; IP networks; Information filtering; Information filters; Law; Legal factors; Traffic control; Web and internet services; Web server; Bayes; DDoS; History-Based IP Filtering; Mitigation;
Conference_Titel :
Networking, 2008. ICN 2008. Seventh International Conference on
Conference_Location :
Cancun
Print_ISBN :
978-0-7695-3106-9
Electronic_ISBN :
978-0-7695-3106-9
DOI :
10.1109/ICN.2008.64
