A Framework for a Collaborative DDoS Defense

Miami Beach, Florida, USA December 11-December 15

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.5

22nd Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by George Oikonomou Articles by Jelena Mirkovic Articles by Peter Reiher Articles by Max Robinson

	ASCII Text	x
	George Oikonomou, Jelena Mirkovic, Peter Reiher, Max Robinson, "A Framework for a Collaborative DDoS Defense," Computer Security Applications Conference, Annual, pp. 33-42, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006.

	BibTex	x
	@article{ 10.1109/ACSAC.2006.5, author = {George Oikonomou and Jelena Mirkovic and Peter Reiher and Max Robinson}, title = {A Framework for a Collaborative DDoS Defense}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2006}, issn = {1063-9527}, pages = {33-42}, doi = {http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.5}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - A Framework for a Collaborative DDoS Defense SN - 1063-9527 SP33 EP42 A1 - George Oikonomou, A1 - Jelena Mirkovic, A1 - Peter Reiher, A1 - Max Robinson, PY - 2006 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

George Oikonomou, University of Delaware, USA

Jelena Mirkovic, University of Delaware, USA

Peter Reiher, UCLA, USA

Max Robinson, Aerospace Corporation

Increasing use of the Internet for critical services makes flooding distributed denial-of-service (DDoS) a top security threat. A distributed nature of DDoS suggests that a distributed mechanism is necessary for a successful defense. Three main DDoS defense functionalities -- attack detection, rate limiting and traffic differentiation -- are most effective when performed at the victim-end, core and sourceend respectively. Many existing systems are successful in one aspect of defense, but none offers a comprehensive solution and none has seen a wide deployment. We propose to harvest the strengths of existing defenses by organizing them into a collaborative overlay, called DefCOM, and augmenting them with communication and collaboration functionalities. Nodes collaborate during the attack to spread alerts and protect legitimate traffic, while rate limiting the attack. DefCOM can accommodate existing defenses, provide synergistic response to attacks and naturally lead to an Internet-wide response to DDoS threat.

Citation:

George Oikonomou, Jelena Mirkovic, Peter Reiher, Max Robinson, "A Framework for a Collaborative DDoS Defense," acsac, pp.33-42, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.