A Source Identification Scheme against DDoS Attacks in Cluster Interconnects

Montreal, Quebec, Canada August 15-August 18

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICPPW.2004.1328039

2004 International Conference on Para ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Manhee Lee Articles by Eun Jung Kim Articles by Cheol Won Lee

	ASCII Text	x
	Manhee Lee, Eun Jung Kim, Cheol Won Lee, "A Source Identification Scheme against DDoS Attacks in Cluster Interconnects," Parallel Processing Workshops, International Conference on, pp. 354-361, 2004 International Conference on Parallel Processing Workshops (ICPPW'04), 2004.

	BibTex	x
	@article{ 10.1109/ICPPW.2004.1328039, author = {Manhee Lee and Eun Jung Kim and Cheol Won Lee}, title = {A Source Identification Scheme against DDoS Attacks in Cluster Interconnects}, journal ={Parallel Processing Workshops, International Conference on}, volume = {0}, year = {2004}, issn = {1530-2016}, pages = {354-361}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICPPW.2004.1328039}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Parallel Processing Workshops, International Conference on TI - A Source Identification Scheme against DDoS Attacks in Cluster Interconnects SN - 1530-2016 SP354 EP361 A1 - Manhee Lee, A1 - Eun Jung Kim, A1 - Cheol Won Lee, PY - 2004 KW - null VL - 0 JA - Parallel Processing Workshops, International Conference on ER -

Manhee Lee, Texas A&M University

Eun Jung Kim, Texas A&M University

Cheol Won Lee, National Security Research Institute

Designing secure clusters has recently become a critical issue to make these systems robust to attacks from the Internet. The Distributed Denial of Service (DDoS) attack is one of the most serious problems in the current Internet. To defend against DDoS attacks, clusters usually depend on firewalls or Intrusion Detection Systems (IDS). However, once firewall and IDS are breached, the impact of DDoS attack within a cluster can be severe. That is because one infected system or one malicious user, which is believed to be trustworthy, may instantly paralyze the whole cluster through the high speed network. In this paper, we present a deterministic distance packet marking (DDPM) scheme to identify the source nodes generating spoofed IP packets in cluster interconnects. The scheme can be applied to many cluster interconnects such as mesh, torus and hypercube, which are popular in many commercial systems. Our scheme is practically attractive since it is scalable to large networks and does not incur much processing overhead on both switches and nodes.

Citation:

Manhee Lee, Eun Jung Kim, Cheol Won Lee, "A Source Identification Scheme against DDoS Attacks in Cluster Interconnects," icppw, pp.354-361, 2004 International Conference on Parallel Processing Workshops (ICPPW'04), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.