Openly accessible

Mark-aided distributed filtering by using neural network for DDoS defense

Xiang, Yang and Zhou, Wanlei 2005, Mark-aided distributed filtering by using neural network for DDoS defense, in GLOBECOM '05 : IEEE Global Telecommunications Conference, 28 November-2 December 2005 St. Louis, Missouri, USA, discovery past and future, IEEE Globecom, Piscataway, N.J., pp. 1701-1705.

Attached Files
Name Description MIMEType Size Downloads
Zhou-markaideddistributedfiltering-2005.pdf Published version application/pdf 332.05KB 226

Title Mark-aided distributed filtering by using neural network for DDoS defense
Author(s) Xiang, Yang
Zhou, Wanlei
Conference name IEEE Global Telecommunications Conference (2005 : St. Louis, Mo.)
Conference location Missouri, USA
Conference dates 28 November - 2 December 2005
Title of proceedings GLOBECOM '05 : IEEE Global Telecommunications Conference, 28 November-2 December 2005 St. Louis, Missouri, USA, discovery past and future
Editor(s) Miller, A.
Publication date 2005
Conference series Global Telecommunications Conference
Start page 1701
End page 1705
Publisher IEEE Globecom
Place of publication Piscataway, N.J.
Keyword(s) filtering
DDoS
neural network
traceback
packet marking
Summary Currently Distributed Denial of Service (DDoS) attacks have been identified as one of the most serious problems on the Internet. The aim of DDoS attacks is to prevent legitimate users from accessing desired resources, such as network bandwidth. Hence the immediate task of DDoS defense is to provide as much resources as possible to legitimate users when there is an attack. Unfortunately most current defense approaches can not efficiently detect and filter out attack traffic. Our approach is to find the network anomalies by using neural network, deploy the system at distributed routers, identify the attack packets, and then filter them. The marks in the IP header that are generated by a group of IP traceback schemes, Deterministic Packet Marking (DPM)/Flexible Deterministic Packet Marking (FDPM), assist this process of identifying attack packets. The experimental results show that this approach can be used to defend against both intensive and subtle DDoS attacks, and can catch DDoS attacks’ characteristic of starting from multiple sources to a single victim. According to results, we find the marks in IP headers can enhance the sensitivity and accuracy of detection, thus improve the legitimate traffic throughput and reduce attack traffic throughput. Therefore, it can perform well in filtering DDoS attack traffic precisely and effectively.
Notes This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
ISBN 0780394151
9780780394155
Language eng
Field of Research 100503 Computer Communications Networks
Socio Economic Objective 970110 Expanding Knowledge in Technology
HERDC Research category E1 Full written paper - refereed
Copyright notice ©2005, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30005744

Document type: Conference Paper
Collections: School of Information Technology
Open Access Collection
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.

Versions
Version Filter Type
Access Statistics: 396 Abstract Views, 271 File Downloads  -  Detailed Statistics
Created: Mon, 07 Jul 2008, 09:53:37 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.