A design of history based traffic filtering with probabilistic packet marking against DoS attacks

Tadashi Kiuchi, Yoshiaki Hori, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

7 Citations (Scopus)

Abstract

Recently, one of threats on the increasing network includes DoS(Denial of Service) attacks. A large amount of packets is transmitted to a server that becomes a target of DoS attacks. Therefore, a packet filtering that intercepts the communication of a doubtful packet is researched. We investigate two packet filtering methods. In the history based filtering, it looks for IP addresses that frequently appears at a router. DoS attack traffic is filtered by filtering IP address not observed usually so much. However, the filtering method is weak when the attacker know how to filtering. In the filtering approach that uses the probabilistic packet marking, a communication from an attack path is intercepted and the technique for intercepting the attack is proposed. However, an non-attacker's communication is also intercepted, and there is a problem that the number of packets necessary for the route construction increases according to a superscription of mark information. Then, to solve both problems of the expression, it proposes the probabilistic packet marking with and the filtering approach using the observation of transmission source IP address. The attack path is specified from mark information when an attack starts, and an attack packet is filtered from the record and mark information on an address of the router. It becomes possible to prevent packets being filtered when packets sent by a result and regular those who communicate is marked on the attack path. This technique achieve low false positive of benign traffic.

Original languageEnglish
Title of host publicationProceedings - 2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010
Pages261-264
Number of pages4
DOIs
Publication statusPublished - Nov 29 2010
Event2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010 - Seoul, Korea, Republic of
Duration: Jul 19 2010Jul 23 2010

Publication series

NameProceedings - 2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010

Other

Other2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010
CountryKorea, Republic of
CitySeoul
Period7/19/107/23/10

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Computer Science Applications

Fingerprint Dive into the research topics of 'A design of history based traffic filtering with probabilistic packet marking against DoS attacks'. Together they form a unique fingerprint.

Cite this