Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
A Collaborative Approach for Proactive Detection of Distributed Denial of Service Attacks
 

Summary: A Collaborative Approach for Proactive Detection
of Distributed Denial of Service Attacks
J´er^ome Franc¸ois , Adel El-Atawy, Ehab Al-Shaer, Raouf Boutaba
MADYNES - INRIA Nancy-Grand Est, CNRS, Nancy-Universit´e, France. Email: jerome.francois@loria.fr
School of Computer Science, DePaul University, Chicago, IL 60604, USA. Email: {aelatawy,ehab}@cs.depaul.edu
David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, Ontario, N2L 3G1, Canada.
Email: rboutaba@uwaterloo.ca
Abstract--Distributed Denial of Service attacks (DDoS) are a
major threat to the Internet and detecting this kind of attacks
as far as possible from the victim and close as possible to
its source is a real challenge. We propose a new framework
named FireCollaborator to deal with this problem on the Internet
Service Provider (ISP) level, based on collaborating Intrusion
Prevention Systems (IPS). A potential victim asks and pays the
ISP to be protected. The key point is to use compressed metrics
(i.e., frequency and entropy) based on the routing rules in order
to extract suspected flows. The information and alerts are shared
amongst the IPSs to enhance their believes about the network
status and thus to counter the attacks far away from the victim
and to save the network resources.

  

Source: Al-Shaer, Ehab - School of Computer Science, Telecommunications and Information Systems, DePaul University

 

Collections: Computer Technologies and Information Sciences