Design and validation of patricia for the mitigation of network flooding attacks

Lan Wang, Qishi Wu, Yaoqing Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

A recent trend in Internet denial-of-service attacks is to distribute the attack sources among a large number of compromised computers. To effectively control such attacks, the attack traffic must be stopped at an early stage, which means those edge networks that host the attack sources must be given proper incentives and mechanisms to stop undesirable traffic. We previously proposed an architecture called PATRICIA, where edge networks cooperate to prevent misbehaving sources from flooding traffic in both control and data channels. In this paper, we flesh out the details of the control protocols in PATRICIA and propose an important revision to the previous design to make it more robust against collusion attacks. Furthermore, we present the results from extensive simulation experiments to validate our design.

Original languageEnglish (US)
Title of host publicationProceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009 - 7th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2009
Pages651-658
Number of pages8
DOIs
StatePublished - 2009
Externally publishedYes
Event7th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2009 - Vancouver, BC, Canada
Duration: Aug 29 2009Aug 31 2009

Publication series

NameProceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009
Volume2

Other

Other7th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2009
Country/TerritoryCanada
CityVancouver, BC
Period8/29/098/31/09

All Science Journal Classification (ASJC) codes

  • Computational Theory and Mathematics
  • Computer Science Applications
  • Software

Keywords

  • Capability
  • Collusion attack
  • Control traffic flooding
  • Denial-of-Service attack mitigation
  • Packet filtering

Fingerprint

Dive into the research topics of 'Design and validation of patricia for the mitigation of network flooding attacks'. Together they form a unique fingerprint.

Cite this