Cart (Loading....) | Create Account
Close category search window
 

Transient performance of PacketScore for blocking DDoS attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Mooi Choo Chuah ; Dept. of CSE, Lehigh Univ., Bethlehem, PA, USA ; Wing Cheong Lau ; Yoohwan Kim ; Chao, H.J.

Distributed denial of service (DDoS) attack is a critical threat to the Internet. Recently we have proposed the PacketScore scheme, a DDoS defense architecture that supports automated attack detection, on-line attack characterization and attack blocking. Its key idea is to use a statistics-based packet scoring mechanism to distinguish between legitimate and non-legitimate packets and discard packets based on the packet scores. In order for such an approach to work, we need to perform on-line traffic characterizations, and compare such characterizations with the nominal profiles (generated from past history or off-line analysis). The threshold used for the score-based selective packet discard decision is dynamically adjusted based on the score distribution of recent incoming packets. In our previous paper [Kim et al. 2004], we discuss how our proposed system performs in different attack scenarios. In this paper, we first give a brief review of the PacketScore approach and further elaborate on the transient performance under varying attack types and intensities, which may be exploited in more sophisticated attacks. We then show that PacketScore is well capable of blocking such sophisticated attacks by simply adjusting the measurement window time scale to closely track the attack profile.

Published in:

Communications, 2004 IEEE International Conference on  (Volume:4 )

Date of Conference:

20-24 June 2004

Need Help?


IEEE Advancing Technology for Humanity About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2014 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.