Lancaster EPrints

Identifying Legitimate Clients under Distributed Denial-of-Service Attacks

Simpson, Steven and Lindsay, Adam and Hutchison, David (2010) Identifying Legitimate Clients under Distributed Denial-of-Service Attacks. In: 4th International Conference on Network and System Security (NSS), 2010. IEEE, pp. 365-370. ISBN 978-1-4244-8484-3

Full text not available from this repository.

Abstract

Distributed Denial of Service (DDoS) attacks are a persistent, current, and very real threat to networks. Expanding upon a flexible distributed framework for network remediation utilising multiple strategies, we examine a novel fusion of methods to maximise throughput from legitimate clients and minimise the impact from attackers. The basic approach is to build up a whitelist of likely legitimate clients by observing outgoing traffic, presenting a challenge though proof-of-work, and providing flow cookies. Traffic that does not match the expected profile is likely attack traffic, and can be heavily filtered during attack conditions. After we incrementally develop this approach, we explore the positive and negative impacts of this approach upon the network and analyse potential countermeasures.

Item Type: Contribution in Book/Report/Proceedings
Uncontrolled Keywords: Countermeasures ; DDoS ; Flow cookies ; Mitigation ; Proof-of-work ; Remediation
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments: Faculty of Science and Technology > School of Computing & Communications
Faculty of Arts & Social Sciences > Lancaster Institute for the Contemporary Arts
ID Code: 42494
Deposited By: ep_importer_comp
Deposited On: 11 Nov 2010 10:46
Refereed?: No
Published?: Published
Last Modified: 24 Sep 2014 10:50
Identification Number:
URI: http://eprints.lancs.ac.uk/id/eprint/42494

Actions (login required)

View Item