%0 Conference Proceedings
%T A Distributed Mechanism to Protect Against DDoS Attacks
%+ Forcepoint
%+ Colorado State University [Fort Collins] (CSU)
%A Mosharraf, Negar
%A Jayasumana, Anura, P.
%A Ray, Indrakshi
%Z Part 6: Security in Networks and Web
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 31th IFIP Annual Conference on Data and Applications Security and Privacy (DBSEC)
%C Philadelphia, PA, United States
%Y Giovanni Livraga
%Y Sencun Zhu
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXXI
%V LNCS-10359
%P 529-540
%8 2017-07-19
%D 2017
%R 10.1007/978-3-319-61176-1_29
%Z Computer Science [cs]Conference papers
%X Distributed Denial of Service (DDoS) attacks remain one of the most serious threats on the Internet. Combating such attacks to protect the victim and network infrastructure requires a distributed real-time defense mechanism. We propose Responsive Point Identification using Hop distance and Attack estimation rate (RPI-HA) that when deployed is able to filter out attack traffic and allow legitimate traffic in the event of an attack. It dynamically activates detection and blocks attack traffic while allowing legitimate traffic, as close to the source nodes as possible so that network resources are not wasted in propagating the attack. RPI-HA identifies the most effective points in the network where the filter can be placed to minimize attack traffic in the network and maximize legitimate traffic for the victim during the attack period. Extensive OPNET$$^{\copyright }$$ based simulations with a real network topology and CAIDA attack data set shows that the method is able to place all filtering routers within three routers of the attacker nodes and stop 95% of attack traffic while allowing 77% of legitimate traffic to reach victim node.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01684374/document
%2 https://inria.hal.science/hal-01684374/file/453481_1_En_29_Chapter.pdf
%L hal-01684374
%U https://inria.hal.science/hal-01684374
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-10359