By Topic

Honeypot Based Routing to Mitigate DDoS Attacks on Servers at ISP Level

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Sardana, A. ; Indian Inst. of Technol., Roorkee ; Joshi, R.C.

DDOS attacks generate flooding traffic from multiple sources towards selected nodes and cause obstruction in flow of legitimate information within a network. If the victim node is the server at ISP level requiring fast information processing, the entire network operation stops. We use various lines of honeypot based defense against such attacks. The first line of defense detects the presence of attacks. The second line of defense identifies and tags attack flows in real time. The work in this paper concentrates on the third line of defense, where a model for honeypot based routing has been proposed in response to identified attack flows. We propose the automatic generation of adequate server nodes to service client requests and honeypots to interact with attackers in contained manner. The judicious mixture of servers and honeypots at different time intervals provide stable network functionality at ISP level. We validate the effectiveness of the approach with modeling on Internet type topology and simulation in ns-2 on a Linux platform.

Published in:

Information Processing (ISIP), 2008 International Symposiums on

Date of Conference:

23-25 May 2008