Intrusion Detection Routers: Design, Implementation and Evaluation Using an Experimental Testbed

Author

Chan, Eric Y K ; Chan, H.W. ; Chan, K.M. ; Chan, P.S. ; Chanson, Samuel T. ; Cheung, M.H. ; Chong, C.F. ; Chow, K.P. ; Hui, Albert K T ; Hui, Lucas C K ; Ip, S.K. ; Lam, C.K. ; Lau, W.C. ; Pun, K.H. ; Tsang, Y.F. ; Tsang, W.W. ; Tso, C.W. ; Yeung, D.Y. ;

Author_Institution

Dept. of Comput. Sci., Hong Kong Univ.

Volume

24

Issue

10

fYear

2006

Firstpage

1889

Lastpage

1900

Abstract

In this paper, we present the design, the implementation details, and the evaluation results of an intrusion detection and defense system for distributed denial-of-service (DDoS) attack. The evaluation is conducted using an experimental testbed. The system, known as intrusion detection router (IDR), is deployed on network routers to perform online detection on any DDoS attack event, and then react with defense mechanisms to mitigate the attack. The testbed is built up by a cluster of sufficient number of Linux machines to mimic a portion of the Internet. Using the testbed, we conduct real experiments to evaluate the IDR system and demonstrate that IDR is effective in protecting the network from various DDoS attacks

Keywords

Internet; Linux; security of data; telecommunication network routing; telecommunication security; DDoS; IDR; Internet; Linux machine; defense system; distributed denial-of-service attack; intrusion detection router; online detection; Computer crime; Computer science; Event detection; IP networks; Intrusion detection; Linux; Protection; Protocols; System testing; Web and internet services; Distributed denial-of-service (DDoS); intrusion detection; routers; testbed;

fLanguage

English

Journal_Title

Selected Areas in Communications, IEEE Journal on

Publisher

ieee

ISSN

0733-8716

Type

jour

DOI

10.1109/JSAC.2006.877214

Filename

1705620