Hachem et al., 2012 - Google Patents
HADEGA: A novel MPLS-based mitigation solution to handle network attacksHachem et al., 2012
View PDF- Document ID
- 6903215503900524513
- Author
- Hachem N
- Debar H
- Garcia-Alfaro J
- Publication year
- Publication venue
- 2012 IEEE 31st International Performance Computing and Communications Conference (IPCCC)
External Links
Snippet
We present HADEGA, a novel adaptive mitigation solution to handle the impact of network attacks. By extracting information from network detection alerts, and build upon the Multiprotocol Label Switching (MPLS) standard, the solution assigns labels and quality of …
- 230000000116 mitigating 0 title abstract description 91
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/24—Flow control or congestion control depending on the type of traffic, e.g. priority or quality of service [QoS]
- H04L47/2441—Flow classification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/56—Packet switching systems
- H04L12/5695—Admission control; Resource allocation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/50—Network service management, i.e. ensuring proper service fulfillment according to an agreement or contract between two parties, e.g. between an IT-provider and a customer
- H04L41/5019—Ensuring SLA
- H04L41/5025—Ensuring SLA by proactively reacting to service quality change, e.g. degradation or upgrade, by reconfiguration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/12—Congestion avoidance or recovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/50—Network service management, i.e. ensuring proper service fulfillment according to an agreement or contract between two parties, e.g. between an IT-provider and a customer
- H04L41/5003—Managing service level agreement [SLA] or interaction between SLA and quality of service [QoS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/70—Admission control or resource allocation
- H04L47/82—Miscellaneous aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/30—Special provisions for routing multiclass traffic
- H04L45/302—Route determination based on requested QoS
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/08—Monitoring based on specific metrics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/22—Alternate routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/30—Special provisions for routing multiclass traffic
- H04L45/306—Route determination based on the nature of the carried application
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Sahay et al. | Towards autonomic DDoS mitigation using software defined networking | |
| US10708146B2 (en) | Data driven intent based networking approach using a light weight distributed SDN controller for delivering intelligent consumer experience | |
| Ioannidis et al. | Implementing pushback: Router-based defense against DDoS attacks | |
| Sahay et al. | ArOMA: An SDN based autonomic DDoS mitigation framework | |
| Chen et al. | SDNShield: Towards more comprehensive defense against DDoS attacks on SDN control plane | |
| Dietzel et al. | Stellar: network attack mitigation using advanced blackholing | |
| EP3449600B1 (en) | A data driven intent based networking approach using a light weight distributed sdn controller for delivering intelligent consumer experiences | |
| Dang et al. | Sdn-based syn proxy—a solution to enhance performance of attack mitigation under tcp syn flood | |
| JP2008512970A (en) | Method and system for security of network traffic | |
| Sahay et al. | Adaptive policy-driven attack mitigation in SDN | |
| Dridi et al. | A holistic approach to mitigating DoS attacks in SDN networks | |
| Doriguzzi-Corin et al. | Application-centric provisioning of virtual security network functions | |
| Chen et al. | SDNShield: NFV-based defense framework against DDoS attacks on SDN control plane | |
| Migault et al. | A framework for enabling security services collaboration across multiple domains | |
| Hachem et al. | HADEGA: A novel MPLS-based mitigation solution to handle network attacks | |
| Ezekiel et al. | Dynamic attack mitigation using SDN | |
| Xiao et al. | A practical approach for providing QoS in the Internet backbone | |
| Garcia et al. | Demons: A ddos mitigation nfv solution | |
| Moubarak et al. | Design and implementation of BGP novel control mechanism (BGP-NCM) based on network performance parameters | |
| Soylu et al. | NFV-Guard: Mitigating flow table-overflow attacks in SDN using NFV | |
| Kolhar et al. | QoS design consideration for enterprise and provider's network at ingress and egress router for VoIP protocols | |
| Schudel et al. | Router security strategies: Securing IP network traffic planes | |
| Al-Haddad et al. | A Survey of Quality of Service (QoS) Protocols and Software-Defined Networks (SDN) From the Traditional to the Latest Network Architecture | |
| Mohana Priya et al. | Cog-SDN: Mitigation mechanism for distributed denial of service attacks in software defined networks | |
| Kind et al. | The role of network processors in active networks |