
Theoretical Performance Analysis between Attack Prevention Schemes and Attack Mitigation Schemes  

Ko Kwang-Sun (School of Info. and Comm. Eng., Sungkyunkwan University)
Eom Young-Ik (School of Info. and Comm. Eng., Sungkyunkwan University)
Abstract
To defeat abnormal traffic driven by DoS (Denial-of-Service) or DDoS (Distributed DoS) attacks, a variety of studies have been conducted over the past few decades. In this paper, we present the results of a theoretical performance analysis comparing attack prevention schemes and attack mitigation schemes. The former prevent abnormal incoming traffic from being forwarded into a specific network based on filtering rules. The latter either have perimeter or intermediate routers on the traffic forwarding path block abnormal traffic based on their own abnormal traffic information, or mitigate abnormal traffic by using quality-of-service mechanisms at the gateway of the target network. The analysis is defined in terms of the transit rates of either normal traffic or false-positive traffic after an attack detection routine has processed the traffic, and we also present the concrete network bandwidth rates used to control incoming traffic.
Keywords
attack prevention; attack mitigation; theoretical performance analysis; abnormal traffic
Citations & Related Records
Times cited by KSCI: 2