Early detection and prevention of denial-of-service attacks: a novel mechanism with propagated traced-back attack blocking

3 Author(s)
J. Haggerty; Sch. of Comput. & Math. Sci., Liverpool John Moores Univ., UK; Qi Shi; M. Merabti

A major threat to the information economy is denial-of-service (DoS) attacks. These attacks are highly prevalent despite the widespread deployment of perimeter-based countermeasures. Therefore, more effective approaches are required to counter the threat. This requirement has motivated us to propose a novel, distributed, and scalable mechanism for effective early detection and prevention of DoS attacks at the router level within a network infrastructure. This paper presents the design details of the new mechanism. Specifically, this paper shows how the mechanism combines both stateful and stateless signatures to provide early detection of DoS attacks and, therefore, protect the enterprise network. More importantly, this paper discusses how a domain-based approach to an attack response is used by the mechanism to block attack traffic. This novel approach enables the blockage of an attack to be gradually propagated only through affected domains toward the attack sources. As a result, the attack is eventually confined within its source domains, thus avoiding wasteful attack traffic overloading the network infrastructure. This approach also provides a natural way of tracing back the attack sources, without requiring the use of specific trace-back techniques and additional resources for their implementation.

Published in:

IEEE Journal on Selected Areas in Communications (Volume: 23, Issue: 10)