To search, Click below search items. |
| All Published Papers Search Service |
|
|
|
Title |
An Integrated Framework for Proactive Mitigation, Characterization and Traceback of DDoS Attacks |
|
Author |
Bhavana Gandhi, R. C. Joshi |
| Citation |
Vol. 7 No. 3 pp. 274-282 |
|
Abstract |
Denial of Service (DoS) attacks pose a severe security threat to the steady functioning of any network. These attacks aim at depleting the resources of a server or an administrative network by overwhelming it with enormous and useless traffic. The outcome of this is the fact that legitimate users are denied service. Though an array of schemes has been proposed for the detection of the presence of these attacks, characterizing of the flows as a normal flow or a malicious one, identifying the sources of the attacks and mitigating the effects of the attacks once they have been detected, there is still a dearth of complete frameworks that encompass multiple stages of the process of defense against DoS attacks. In this paper, we propose a novel framework which deals with proactively mitigating the influence of the attack , characterization of the TCP flows as attack or legitimate, and identification of the path traversed by the flow once it has been characterized as an attack flow. Generation of copies of TCP/IP headers by predefined intermediate routers provides for the dual functionality of proactive mitigation and traceback. The characterization of the flows has been achieved by an innovative Exactly Periodic Subspace Decomposition (EPSD) based approach. We validate the effectiveness of the approach with simulation in ns-2, integrated with Matlab, on a Linux platform. |
|
Keywords |
Distributed Denial of Service (DDoS), EPSD, characterization, mitigation, traceback |
|
URL |
