Summary
|
For Full-Text PDF, please login, if you are a member of IEICE, or go to Pay Per View on menu list, if you are a nonmember of IEICE. |
|
Collaborative Defense Mechanism Using Statistical Detection Method against DDoS Attacks ByungHak SONG Joon HEO Choong Seon HONG Publication IEICE TRANSACTIONS on Communications Vol.E90-B No.10 pp.2655-2664 Publication Date: 2007/10/01 Online ISSN: 1745-1345 DOI: 10.1093/ietcom/e90-b.10.2655 Print ISSN: 0916-8516 Type of Manuscript: Special Section PAPER (Special Section on New Challenge for Internet Technology and its Architecture) Category: Keyword: IDS, DDoS attack, statistical detection, collaborative defense, detection threshold, Full Text: PDF(752.1KB)>>
Summary: Distributed Denial-of-Service attack (DDoS) is one of the most outstanding menaces on the Internet. A DDoS attack generally attempts to overwhelm the victim in order to deny their services to legitimate users. A number of approaches have been proposed for defending against DDoS attacks accurately in real time. However, existing schemes have limits in terms of detection accuracy and delay if the IDRS (Intrusion Detection and Response System) deployed only at a specific location detects and responds against attacks. As in this case, it is not able to catch the characteristic of the attack which is distributed in large-scale. Moreover, the existing detection schemes have vulnerabilities to intellectual DDoS attacks which are able to avoid its detection threshold or delay its detection time. This paper suggests the effective DDoS defense system which uses the collaborative scheme among distributed IDRSs located in the vicinity of the attack source or victim network. In proposed scheme, both victim and source-end IDRS work synergistically to identify the attack and avoid false alarm rate up to great extent. Additionally, we propose the duplicate detection window scheme to detect various attacks dynamics which increase the detection threshold gradually in early stage. The proposed scheme can effectively detect and respond against these diverse DDoS attack dynamics. | |||||
|
|