A design of history based traffic filtering with probabilistic packet marking against DoS attacks

Tadashi Kiuchi, Yoshiaki Hori, Kouichi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

7 被引用数 (Scopus)

抄録

Recently, one of threats on the increasing network includes DoS(Denial of Service) attacks. A large amount of packets is transmitted to a server that becomes a target of DoS attacks. Therefore, a packet filtering that intercepts the communication of a doubtful packet is researched. We investigate two packet filtering methods. In the history based filtering, it looks for IP addresses that frequently appears at a router. DoS attack traffic is filtered by filtering IP address not observed usually so much. However, the filtering method is weak when the attacker know how to filtering. In the filtering approach that uses the probabilistic packet marking, a communication from an attack path is intercepted and the technique for intercepting the attack is proposed. However, an non-attacker's communication is also intercepted, and there is a problem that the number of packets necessary for the route construction increases according to a superscription of mark information. Then, to solve both problems of the expression, it proposes the probabilistic packet marking with and the filtering approach using the observation of transmission source IP address. The attack path is specified from mark information when an attack starts, and an attack packet is filtered from the record and mark information on an address of the router. It becomes possible to prevent packets being filtered when packets sent by a result and regular those who communicate is marked on the attack path. This technique achieve low false positive of benign traffic.

本文言語英語
ホスト出版物のタイトルProceedings - 2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010
ページ261-264
ページ数4
DOI
出版ステータス出版済み - 11 29 2010
イベント2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010 - Seoul, 大韓民国
継続期間: 7 19 20107 23 2010

出版物シリーズ

名前Proceedings - 2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010

その他

その他2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010
国/地域大韓民国
CitySeoul
Period7/19/107/23/10

All Science Journal Classification (ASJC) codes

  • コンピュータ ネットワークおよび通信
  • コンピュータ サイエンスの応用

フィンガープリント

「A design of history based traffic filtering with probabilistic packet marking against DoS attacks」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル