By Topic

Distributed Divide-and-Conquer Techniques for Effective DDoS Attack Defenses

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Muthuprasanna, M. ; Google, Inc., Mountain View, CA ; Manimaran, G.

Distributed Denial-of-Service (DDoS) attacks have emerged as a popular means of causing mass targeted service disruptions, often for extended periods of time. The relative ease and low costs of launching such attacks, supplemented by the current woeful state of any viable defense mechanism, have made them one of the top threats to the Internet community today. While distributed packet logging and/or packet marking have been explored in the past for DDoS attack traceback/mitigation, we propose to advance the state of the art by using a novel distributed divide-and-conquer approach in designing a new data dissemination architecture that efficiently tracks attack sources. The main focus of our work is to tackle the three disjoint aspects of the problem, namely attack tree construction, attack path frequency detection, and packet to path association, independently and to use succinct recurrence relations to express their individual implementations. We also evaluate the network traffic and storage overhead induced by our proposed deployment on real-life Internet topologies, supporting hundreds of victims each subject to thousands of high-bandwidth flows simultaneously, and conclude that we can truly achieve single packet traceback guarantees with minimal overhead and high efficiency.

Published in:

Distributed Computing Systems, 2008. ICDCS '08. The 28th International Conference on

Date of Conference:

17-20 June 2008