Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Detecting DDoS Attacks on ISP Networks Aditya Akella Ashwin Bharambe Mike Reiter Srinivasan Seshan
 

Summary: Detecting DDoS Attacks on ISP Networks
Aditya Akella Ashwin Bharambe Mike Reiter Srinivasan Seshan
Carnegie Mellon University
Abstract
Most past solutions for detecting denial of service attacks (and iden­
tifying the perpetrators) have targeted end­node victims. However,
little attention has been given to this problem from an ISP perspec­
tive. This paper explores the key challenges involved in helping an
ISP network detect attacks on itself or attacks on external sites
which use the ISP network. We propose a detection mechanism
where each router detects traffic anamolies using profiles of normal
traffic constructed using stream sampling algorithms. In addition,
an ISP's routers exchange information with each other to increase
confidence in their detection decisions. Our initial results show that
individual router profiles capture key characteristics of the traffic
effectively and help identify anomalies with low false positive and
false negative rates. We believe that profile construction can be ex­
tremely efficient, supporting even multi­gigabit speeds. We also be­
lieve that incremental deployment of such techniques is possible,
although it may signficantly impact the effectiveness of the dis­

  

Source: Akella, Aditya - Department of Computer Sciences, University of Wisconsin at Madison

 

Collections: Computer Technologies and Information Sciences