By Topic

FOSeL: Filtering by Helping an Overlay Security Layer to Mitigate DoS Attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Hakem Beitollahi ; Katholieke Univ. Leuven, Leuven ; Geert Deconinck

Denial of service (DoS) attacks are major threat against availability in the Internet. A large number of countermeasure techniques try to detect attack and then filter out DoS attack packets. Unfortunately these techniques that filter DoS traffic by looking at known attack patterns or statistical anomalies in the traffic patterns can be defeated by changing the attack patterns and masking the anomalies that are sought by the filter. Hence, detecting DoS traffic is one of the main challenges for filtering techniques. Furthermore techniques that drop any malicious packet need to process the packet and processing is time-consuming. This paper addresses how an efficient and good filter can be designed by helping an overlay network layer to mitigate DoS attacks. Fosel (filtering by helping an overlay security layer) filter is independent from DoS attack types, so we do not worry about the changing attack patterns. Furthermore it reduces processing time noticeably. Through simulation this paper shows by employing Fosel filter, DoS attacks have a negligible chance to saturate the target by malicious packets. Our simulation demonstrates that Fosel architecture reduces the probability of successful attack to minuscule levels. Furthermore Fosel is between 10% and 50% faster than SOS (secure overlay services) (Keromytis et al., 2002) architecture to drop malicious packets based on attack rate.

Published in:

Network Computing and Applications, 2008. NCA '08. Seventh IEEE International Symposium on

Date of Conference:

10-12 July 2008