Optimal Source-Based Filtering of Malicious Traffic

Cited by: 16
Authors
Soldo, Fabio [1]
Argyraki, Katerina [2]
Markopoulou, Athina [1]
Affiliations
[1] Univ Calif Irvine, Dept Elect Engn & Comp Sci, Irvine, CA 92697 USA
[2] EPFL, Sch Comp Sci & Commun Sci, CH-1025 Vaud, Switzerland
Funding
Swiss National Science Foundation; US National Science Foundation;
Keywords
Clustering algorithms; filtering; Internet; network security; KNAPSACK-PROBLEMS;
DOI
10.1109/TNET.2011.2161615
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
In this paper, we consider the problem of blocking malicious traffic on the Internet via source-based filtering. In particular, we consider filtering via access control lists (ACLs): These are already available at the routers today, but are a scarce resource because they are stored in the expensive ternary content addressable memory (TCAM). Aggregation (by filtering source prefixes instead of individual IP addresses) helps reduce the number of filters, but comes also at the cost of blocking legitimate traffic originating from the filtered prefixes. We show how to optimally choose which source prefixes to filter for a variety of realistic attack scenarios and operators' policies. In each scenario, we design optimal, yet computationally efficient, algorithms. Using logs from Dshield.org, we evaluate the algorithms and demonstrate that they bring significant benefit in practice.
Pages: 381 - 395
Number of pages: 15