Beyond the Perimeter: the Need for Early Detection of Denial of Service Attacks

San Diego California December 09-December 13

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176313

18th Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by John Haggerty Articles by Qi Shi Articles by Madjid Merabti

	ASCII Text	x
	John Haggerty, Qi Shi, Madjid Merabti, "Beyond the Perimeter: the Need for Early Detection of Denial of Service Attacks," Computer Security Applications Conference, Annual, pp. 413, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002.

	BibTex	x
	@article{ 10.1109/CSAC.2002.1176313, author = {John Haggerty and Qi Shi and Madjid Merabti}, title = {Beyond the Perimeter: the Need for Early Detection of Denial of Service Attacks}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2002}, issn = {1063-9527}, pages = {413}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176313}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Beyond the Perimeter: the Need for Early Detection of Denial of Service Attacks SN - 1063-9527 SP EP A1 - John Haggerty, A1 - Qi Shi, A1 - Madjid Merabti, PY - 2002 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

John Haggerty, Liverpool John Moores University

Qi Shi, Liverpool John Moores University

Madjid Merabti, Liverpool John Moores University

The threat to organisations from network attacks is very real. Current countermeasures to denial of service (DoS) attacks rely on the perimeter model of network security. However, as the case study and analysis in this paper make apparent, the perimeter model, which relies on firewalls and Intrusion Detection Systems, is unable to provide an effective defence against DoS attacks. Therefore, there is a need for a new approach; one that identifies an attack beyond the perimeter. Within this paper, we present such an approach. We achieve early detection of DoS attacks by the identification of traffic signatures which indicate that an attack is underway. As these signatures can be identified 'outside' the perimeter, appropriate measures can be taken to prevent the attack from succeeding. We use examples of DoS attacks and a case study to demonstrate the applicability of our approach.

Citation:

John Haggerty, Qi Shi, Madjid Merabti, "Beyond the Perimeter: the Need for Early Detection of Denial of Service Attacks," acsac, pp.413, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.