Sciweavers

ACSAC
2006
IEEE

A Framework for a Collaborative DDoS Defense

14 years 6 months ago
A Framework for a Collaborative DDoS Defense
Increasing use of the Internet for critical services makes flooding distributed denial-of-service (DDoS) a top security threat. A distributed nature of DDoS suggests that a distributed mechanism is necessary for a successful defense. Three main DDoS defense functionalities — attack detection, rate limiting and traffic differentiation — are most effective when performed at the victim-end, core and sourceend respectively. Many existing systems are successful in one aspect of defense, but none offers a comprehensive solution and none has seen a wide deployment. We propose to harvest the strengths of existing defenses by organizing them into a collaborative overlay, called DefCOM, and augmenting them with communication and collaboration functionalities. Nodes collaborate during the attack to spread alerts and protect legitimate traffic, while rate limiting the attack. DefCOM can accommodate existing defenses, provide synergistic response to attacks and naturally lead to an Internet...
George C. Oikonomou, Jelena Mirkovic, Peter L. Rei
Added 10 Jun 2010
Updated 10 Jun 2010
Type Conference
Year 2006
Where ACSAC
Authors George C. Oikonomou, Jelena Mirkovic, Peter L. Reiher, Max Robinson
Comments (0)