Visible to the public Biblio

Filters: Keyword is IP Traceback  [Clear All Filters]
2019-11-04
Kahani, Nafiseh, Fallah, Mehran S..  2018.  A Reactive Defense Against Bandwidth Attacks Using Learning Automata. Proceedings of the 13th International Conference on Availability, Reliability and Security. :31:1-31:6.

This paper proposes a new adaptively distributed packet filtering mechanism to mitigate the DDoS attacks targeted at the victim's bandwidth. The mechanism employs IP traceback as a means of distinguishing attacks from legitimate traffic, and continuous action reinforcement learning automata, with an improved learning function, to compute effective filtering probabilities at filtering routers. The solution is evaluated through a number of experiments based on actual Internet data. The results show that the proposed solution achieves a high throughput of surviving legitimate traffic as a result of its high convergence speed, and can save the victim's bandwidth even in case of varying and intense attacks.

2015-04-30
Foroushani, V.A., Zincir-Heywood, A.N..  2014.  TDFA: Traceback-Based Defense against DDoS Flooding Attacks. Advanced Information Networking and Applications (AINA), 2014 IEEE 28th International Conference on. :597-604.

Distributed Denial of Service (DDoS) attacks are one of the challenging network security problems to address. The existing defense mechanisms against DDoS attacks usually filter the attack traffic at the victim side. The problem is exacerbated when there are spoofed IP addresses in the attack packets. In this case, even if the attacking traffic can be filtered by the victim, the attacker may reach the goal of blocking the access to the victim by consuming the computing resources or by consuming a big portion of the bandwidth to the victim. This paper proposes a Trace back-based Defense against DDoS Flooding Attacks (TDFA) approach to counter this problem. TDFA consists of three main components: Detection, Trace back, and Traffic Control. In this approach, the goal is to place the packet filtering as close to the attack source as possible. In doing so, the traffic control component at the victim side aims to set up a limit on the packet forwarding rate to the victim. This mechanism effectively reduces the rate of forwarding the attack packets and therefore improves the throughput of the legitimate traffic. Our results based on real world data sets show that TDFA is effective to reduce the attack traffic and to defend the quality of service for the legitimate traffic.