A Complete Detection and Mitigation Framework to Protect a Network from DDoS Attacks

被引:5
|
作者
Baishya, Ram Charan [1 ]
Bhattacharyya, D. K. [1 ]
机构
[1] Tezpur Univ, Comp Sci & Engn Dept, Napaam, India
来源
IETE JOURNAL OF RESEARCH | 2022年 / 68卷 / 01期
关键词
DDoS; DDoS defense; Victim end DDoS defense; Anti-spoofing DDoS defense;
D O I
10.1080/03772063.2019.1604173
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
In this paper we present a complete framework for detection and mitigation of different types of commonly seen deadly DDoS attacks. The system assumes bi-directional traffic information at an edge router to detect and mitigate the attacks. A router might not always see the outgoing traffic corresponding to the incoming traffic carried by the router and which has always been a problem for other approaches which assume bi-directionality of the traffic in the monitoring point. We introduce an agent-based technique which enables each edge router to validate the bi-directional nature of effectiveness of our detection and mitigation the incoming traffic passing through them. We present several experiments demonstrating the system. Also, we introduce a packet marking scheme called as XORID, which can be used to defend against spoofing based DDoS attacks.
引用
收藏
页码:315 / 332
页数:18
相关论文
共 50 条
  • [21] Modelling and simulations for DDoS attacks mitigation in identifier-locator split network
    Liu, Ying
    Lee, Yang Sun
    Zhang, Hong-Ke
    Wu, Tin-Yu
    Lo, Chi-Hsiang
    INTERNATIONAL JOURNAL OF COMPUTER MATHEMATICS, 2013, 90 (12) : 2541 - 2552
  • [22] A Survey on the Impact of DDoS Attacks in Cloud Computing: Prevention, Detection and Mitigation Techniques
    Srinivasan, Karthik
    Mubarakali, Azath
    Alqahtani, Abdulrahman Saad
    Kumar, A. Dinesh
    INTELLIGENT COMMUNICATION TECHNOLOGIES AND VIRTUAL MOBILE NETWORKS, ICICV 2019, 2020, 33 : 252 - 270
  • [23] Detection and mitigation of DDoS attacks based on multi-dimensional characteristics in SDN
    Wang, Kun
    Fu, Yu
    Duan, Xueyuan
    Liu, Taotao
    SCIENTIFIC REPORTS, 2024, 14 (01):
  • [24] United We Stand: Collaborative Detection and Mitigation of Amplification DDoS Attacks at Scale
    Wagner, Daniel
    Kopp, Daniel
    Wichtlhuber, Matthias
    Dietzel, Christoph
    Hohlfeld, Oliver
    Smaragdakis, Georgios
    Feldmann, Anja
    CCS '21: PROCEEDINGS OF THE 2021 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2021, : 970 - 987
  • [25] DDoS Attacks Detection and Mitigation Using Economic Incentive-Based Solution
    Dahiya, Amrita
    Gupta, B. B.
    FIRST INTERNATIONAL CONFERENCE ON SUSTAINABLE TECHNOLOGIES FOR COMPUTATIONAL INTELLIGENCE, 2020, 1045 : 729 - 738
  • [26] Real-Time Detection and Mitigation of DDoS Attacks in Intelligent Transportation Systems
    Haydari, Ammar
    Yilmaz, Yasin
    2018 21ST INTERNATIONAL CONFERENCE ON INTELLIGENT TRANSPORTATION SYSTEMS (ITSC), 2018, : 157 - 163
  • [27] Collaborative detection of DDoS attacks over multiple network domains
    Chen, Yu
    Hwang, Kai
    Ku, Wei-Shinn
    IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, 2007, 18 (12) : 1649 - 1662
  • [28] Network Parameters Applicable in Detection of Infrastructure Level DDoS Attacks
    Cvitic, Ivan
    Perakovic, Dragan
    Perisa, Marko
    Musa, Mario
    2017 25TH TELECOMMUNICATION FORUM (TELFOR), 2017, : 310 - 313
  • [29] FireCol: A Collaborative Protection Network for the Detection of Flooding DDoS Attacks
    Francois, Jerome
    Aib, Issam
    Boutaba, Raouf
    IEEE-ACM TRANSACTIONS ON NETWORKING, 2012, 20 (06) : 1828 - 1841
  • [30] Distributed change detection for worms, DDoS and other network attacks
    Cardenas, AA
    Baras, JS
    Ramezani, V
    PROCEEDINGS OF THE 2004 AMERICAN CONTROL CONFERENCE, VOLS 1-6, 2004, : 1008 - 1013
12345