TY - GEN
T1 - Design and validation of patricia for the mitigation of network flooding attacks
AU - Wang, Lan
AU - Wu, Qishi
AU - Liu, Yaoqing
PY - 2009
Y1 - 2009
N2 - A recent trend in Internet denial-of-service attacks is to distribute the attack sources among a large number of compromised computers. To effectively control such attacks, the attack traffic must be stopped at an early stage, which means those edge networks that host the attack sources must be given proper incentives and mechanisms to stop undesirable traffic. We previously proposed an architecture called PATRICIA, where edge networks cooperate to prevent misbehaving sources from flooding traffic in both control and data channels. In this paper, we flesh out the details of the control protocols in PATRICIA and propose an important revision to the previous design to make it more robust against collusion attacks. Furthermore, we present the results from extensive simulation experiments to validate our design.
AB - A recent trend in Internet denial-of-service attacks is to distribute the attack sources among a large number of compromised computers. To effectively control such attacks, the attack traffic must be stopped at an early stage, which means those edge networks that host the attack sources must be given proper incentives and mechanisms to stop undesirable traffic. We previously proposed an architecture called PATRICIA, where edge networks cooperate to prevent misbehaving sources from flooding traffic in both control and data channels. In this paper, we flesh out the details of the control protocols in PATRICIA and propose an important revision to the previous design to make it more robust against collusion attacks. Furthermore, we present the results from extensive simulation experiments to validate our design.
KW - Capability
KW - Collusion attack
KW - Control traffic flooding
KW - Denial-of-Service attack mitigation
KW - Packet filtering
UR - http://www.scopus.com/inward/record.url?scp=70749131232&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=70749131232&partnerID=8YFLogxK
U2 - 10.1109/CSE.2009.141
DO - 10.1109/CSE.2009.141
M3 - Conference contribution
AN - SCOPUS:70749131232
SN - 9780769538235
T3 - Proceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009
SP - 651
EP - 658
BT - Proceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009 - 7th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2009
T2 - 7th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2009
Y2 - 29 August 2009 through 31 August 2009
ER -