IM-Shield: A Novel Defense System against DDoS Attacks under IP Spoofing in High-speed Networks

Title: IM-Shield: A Novel Defense System against DDoS Attacks under IP Spoofing in High-speed Networks
Publication Type: Conference Paper
Year of Publication: 2022
Authors: Wu, Hua; Zhang, Xuange; Chen, Tingzheng; Cheng, Guang; Hu, Xiaoyan
Conference Name: ICC 2022 - IEEE International Conference on Communications
Keywords: DDoS Defense, denial-of-service attack, Filtering, high-speed network, high-speed networks, Internet, IP networks, IP spoofing, Predictive Metrics, pubcrawl, Real-time Systems, Resiliency, Router Systems Security, Routing protocols
Abstract: DDoS attacks are usually accompanied by IP spoofing, but the availability of existing DDoS defense systems for high-speed networks decreases when facing DDoS attacks with IP spoofing. Although IP traceback technologies are proposed to focus on IP spoofing in DDoS attacks, there are problems in practical application such as the need to change existing protocols and extensive infrastructure support. To defend against DDoS attacks under IP spoofing in high-speed networks, we propose a novel DDoS defense system, IM-Shield. IM-Shield uses the address pair consisting of the upper router interface MAC address and the destination IP address for DDoS attack detection. IM-Shield implements fine-grained defense against DDoS attacks under IP spoofing by filtering the address pairs of attack traffic without requiring protocol and infrastructure extensions to be applied on the Internet. Detection experiments using the public dataset show that in a 10Gbps high-speed network, the detection precision of IM-Shield for DDoS attacks under IP spoofing is higher than 99.9%; and defense experiments simulating real-time processing in a 10Gbps high-speed network show that IM-Shield can effectively defend against DDoS attacks under IP spoofing.
DOI: 10.1109/ICC45855.2022.9838621
Citation Key: wu_im-shield_2022