DocumentCode
3331343
Title
Bayes Optimal DDoS Mitigation by Adaptive History-Based IP Filtering
Author
Goldstein, Markus ; Lampert, Christoph ; Reif, Matthias ; Stahl, Armin ; Breuel, Thomas
Author_Institution
Res. Group Image Understanding & Pattern Recognition, German Res. Center for Artificial Intell. DFKI GmbH, Kaiserslautern
fYear
2008
fDate
13-18 April 2008
Firstpage
174
Lastpage
179
Abstract
Distributed denial of service (DDoS) attacks are today the most destabilizing factor in the global internet and there is a strong need for sophisticated solutions. We introduce a formal statistical framework and derive a Bayes optimal packet classifier from it. Our proposed practical algorithm "adaptive history-based IP filtering" (AHIF) mitigates DDoS attacks near the victim and outperforms existing methods by at least 32% in terms of collateral damage. Furthermore, it adjusts to the strength of an ongoing attack and ensures availability of the attacked server. In contrast to other adaptive solutions, firewall rulesets used to resist an attack can be precalculated before an attack takes place. This ensures an immediate response in a DDoS emergency. For evaluation, simulated DDoS attacks and two real-world user traffic datasets are used.
Keywords
Bayes methods; IP networks; Internet; information filtering; security of data; Bayes optimal DDoS mitigation; Bayes optimal packet classifier; adaptive history-based IP filtering; attacked server; distributed denial of service attacks; firewall rulesets; formal statistical framework; global Internet; Adaptive filters; Computer crime; IP networks; Information filtering; Information filters; Law; Legal factors; Traffic control; Web and internet services; Web server; Bayes; DDoS; History-Based IP Filtering; Mitigation;
fLanguage
English
Publisher
ieee
Conference_Titel
Networking, 2008. ICN 2008. Seventh International Conference on
Conference_Location
Cancun
Print_ISBN
978-0-7695-3106-9
Electronic_ISBN
978-0-7695-3106-9
Type
conf
DOI
10.1109/ICN.2008.64
Filename
4498160
Link To Document