A pioneer scheme in the detection and defense of DrDoS attack involving spoofed flooding packets |
Kavisankar, L.
(Department of Computer science and Engineering, Anna University)
Chellappan, C. (Department of Computer science and Engineering, Anna University) Sivasankar, P. (Electronics Engineering Department, NITTTR) Karthi, Ashwin (Department of Computer science and Engineering, Anna University) Srinivas, Avireddy (Department of Information Technology, Madras Institute of Technology, Anna University) |
1 | S. Ranjan, R. Swaminathan, M. Uysal and A. Nucci, and E. Knightly, "DDoS-Shield: DDoS-Resilient Scheduling to Counter Application Layer attacks," IEEE/ACM Transactions on, Networking, vol. 17, no. 1, pp. 2639, February 2009. |
2 | L. Kavisankar and C. Chellappan, "CNoA: Challenging Number Approach for uncovering TCP SYN flooding using SYN spoofing attack," International Journal of Network Security & Its Applications (IJNSA), vol. 3, no. 5, pp.191-202, 2011. DOI |
3 | L. Kavisankar and C. Chellappan, "T-RAP: (TCP Reply Acknowledgement Packet) a Resilient Filtering Model for DDoS Attack with Spoofed IP Address," Communications in Computer and Information Science, vol. 197, pp.138-148, 2011. DOI |
4 | MANAnet, "The Reverse Firewall: Defeating DDOS Attacks Emanating from a Local Area Network," DDoS White Papers Cs3, Inc, pp.1-5, 2014. |
5 | Shu Zhang and Partha Dasgupta, "Hardened networks: incremental upgrading of the Internet for attack resilience," in Proc. of The 12th International Conference on Computer Communications and Networks, pp.595-598, Oct 2003. |
6 | Yaar, Abraham, Adrian Perrig and Dawn Song, "StackPi: New packet marking and filtering mechanisms for DDoS and IP spoofing defense," IEEE Journal on Selected Areas in Communications, vol.24, no. 10, pp. 1853-1863, 2006. DOI ScienceOn |
7 | Feng, Wu-Chang and Ed Kaiser. "System and methods of determining computational puzzle difficulty for challenge-response authentication," U.S. Patent Application 13/050,123, filed March 17, 2011. |
8 | L. V. Ahn, M. Blum, N. J. Hopper and J. Langford, "CAPTCHA: using hard AI problems for security," in Proc. of 22nd international conference on Theory and applications of cryptographic techniques (EUROCRYPT'03), Eli Biham (Ed.). Springer-Verlag, Berlin, Heidelberg, pp.294-311. 2003. |
9 | Ma, M., "Mitigating denial of service attacks with password puzzles," Information Technology: Coding and Computing, ITCC, 2005. |
10 | A. Stavrou, D. L. Cook, W. G. Morein, A. D. Keromytis, V. Misra and D. Rubenstein, "Websos: An overlay-based system for protecting web servers from denial of service attacks," the International Journal of Computer and Telecommunications Networking, vol. 48, no.5, pp.781-807, August 2005. |
11 | A. D. Keromytis, V. Misra and D. Rubenstein, "SOS: Secure Overlay Services," in Proc. of Conference on Applications, technologies, architectures, and protocols for computer communications SIGCOMM'02, vol.32, no.4, pp.61-72, October2002. |
12 | Nisha H Bhandari., "DDoS Attack Prevention In Cloud Computing Using Hop Count Based Packet Monitoring Approach," International Journal of Advanced and Innovative Research (IJAIR), vol. 2, no.4, 2013, pp.954-956. |
13 | H. Wang, C. Jin and K. G. Shin, "Defense Against Spoofed IP Traffic Using Hop-Count Filtering," IEEE/ACM Transactions on Networking, vol. 15, no. 1, pp.40-53, February 2007. DOI ScienceOn |
14 | M. H. Sqalli, F. Al-Haidari and K. Salah, "EDoS-Shield - A Two-Steps Mitigation Technique against EDoS Attacks in Cloud Computing," Fourth IEEE International Conference on Utility and Cloud Computing, pp.49-56, 2011. |
15 | J. Mirkovic and P. Reiher, "A taxonomy of DDoS attack and DDoS defense mechanisms," ACM SIGCOMM Computer Communications Review, vol. 34, no. 2, pp. 39-53, April 2004. |
16 | R. K. C. Chang, "Defending against flooding-based distributed denial of service attacks: A tutorial," Computer J. IEEE Commun. Magazine, vol. 40, no. 10, pp. 42-51, 2002. |
17 | Toby Ehrenkranz, Jun Li, "On the state of IP spoofing defense," ACM Transactions on Internet Technology (TOIT), vol. 9, no. 2, pp.6:1-6:29, 2009. |
18 | C. Douligeris and A. Mitrokotsa, "DDoS attacks and defense mechanisms: classification and state-of-the-art," Computer Networks, vol. 44, no. 5, pp. 643-666, April 2004. |
19 | Saman Taghavi Zargar, James Joshi and David Tipper, "A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks," IEEE Communications Surveys & Tutorials, vol. 15, no. 4, 2013. |
20 | T. Peng, C. Leckie and K. Ramamohanarao, "Survey of network-based defense mechanisms countering the DoS and DDoS problems," ACM Computer Survey, vol. 39, no. 1, April 2007. |
21 | Noureldien A. Noureldien and Mashair O. Hussein, " Block Spoofed Packets at Source (BSPS): A method for Detecting and Preventing All Types of Spoofed Source IP Packets and SYN Flooding Packets at Source: A Theoretical Framework," International Journal of Networks and Communications, vol. 2, no. 3, pp. 33-37, 2012. DOI |
22 | T. M. Gil and M. Poleto, "MULTOPS: a data-structure for bandwidth attack detection," in Proc. of 10th Usenix Security Symposium, Washington, DC, pp. 2338, August 13-17, 2001. |
23 | P. Ferguson and D. Senie, "Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing," RFC 2267, 2000. |
24 | J. Mirkovic, G. Prier, and P. Reiher, "Attacking DDoS at the Source," in Proc. of 10th IEEE International Conference on Network Protocols (ICNP'02), Washington DC, USA, 2002. |
25 | J. Mirkovic, G. Prier and P. Reihe, "Source-End DDoS Defense," in Proc. of 2nd IEEE International Symposium on Network Computing and Applications, April 2003. |