Abstract | ||
---|---|---|
In this paper, a novel deterministic edge router marking scheme to mitigate denial of service (DoS) attacks and perform traceback is proposed. The scheme is compatible to packet fragmentation and at the same time does not add space overhead. The proposed technique produces low false positive as well as adds very low processing and storage overhead at the edge router. An issue with existing filtering scheme for DoS attacks is that they suffer from heavy collateral damage. Our proposed scheme minimises collateral damage using signature pushback and allows legitimate traffic to be served smoothly. We optimise pushback by using Lamport hash chain and filtering time by sorting the attack feature based on its entropy. Empirical results confirm that our system is fast, accurate, scalable and greatly reduces blocking of legitimate traffic during the filtering phase. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1504/IJCNDS.2014.064042 | IJCNDS |
Keywords | Field | DocType |
ddos,hashing,distributed denial of service,dos,ip fragmentation,denial of service,distributed systems,computer networks | Denial-of-service attack,Computer science,Computer network,Filter (signal processing),Sorting,Hash function,Router,Hash chain,IP fragmentation,Distributed computing,Scalability | Journal |
Volume | Issue | Citations |
13 | 2 | 0 |
PageRank | References | Authors |
0.34 | 10 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Samant Saurabh | 1 | 27 | 4.16 |
Sangita Roy | 2 | 0 | 0.34 |
Ashok Singh Sairam | 3 | 43 | 10.83 |