Distributed defense against distributed Denial-of-Service attacks

Wei Shi; Yang Xiang; Wanlei Zhou

doi:10.1007/11564621_41

Distributed defense against distributed Denial-of-Service attacks

Wei Shi, Yang Xiang, Wanlei Zhou

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

2 Citations (Scopus)

Abstract

Distributed defense is a promising way to neutralize the distributed Denial-of-Service attacks by detecting and responding the attacking sources widespread around the Internet. Components of the distributed defense system will cooperate with each other to combat the attacks. Compared with the centralized defense systems, distributed defense systems can discover the attacks more timely from both source end and victim end, fight the attacks with more resources and take advantage of more flexible strategies. This paper investigates 7 distributed defense systems which make use of various strategies to mitigate the DDoS attacks. Different architectures are designed in these 7 systems to provide distributed DDoS defense solutions. We evaluate these systems in terms of deployment, detection, response, security, robustness and implementation. For each criteria, we give a recommendation on which technologies are best suitable for a successful distributed defense system based on the analysis result. Finally we propose our idea on the design of an effective distributed defense system.

Original language	English
Title of host publication	Distributed and Parallel Computing
Subtitle of host publication	6th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP Melbourne, Australia, October 2-3, 2005 Proceedings
Editors	Michael Hobbs, Andrzej M. Goscinsk, Wanlei Zhou
Place of Publication	Berlin Germany
Publisher	Springer
Pages	357-362
Number of pages	6
ISBN (Electronic)	9783540320715
ISBN (Print)	9783540292357
DOIs	https://doi.org/10.1007/11564621_41
Publication status	Published - 2005
Externally published	Yes
Event	International Conference on Algorithms and Architectures for Parallel Processing 2005 - Melbourne, Australia Duration: 2 Oct 2005 → 3 Oct 2005 Conference number: 6th

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	3719
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	International Conference on Algorithms and Architectures for Parallel Processing 2005
Abbreviated title	ICA3PP 2005
Country/Territory	Australia
City	Melbourne
Period	2/10/05 → 3/10/05

Access to Document

10.1007/11564621_41

Cite this

Shi, W., Xiang, Y., & Zhou, W. (2005). Distributed defense against distributed Denial-of-Service attacks. In M. Hobbs, A. M. Goscinsk, & W. Zhou (Eds.), Distributed and Parallel Computing: 6th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP Melbourne, Australia, October 2-3, 2005 Proceedings (pp. 357-362). (Lecture Notes in Computer Science ; Vol. 3719 ). Springer. https://doi.org/10.1007/11564621_41

Shi, Wei ; Xiang, Yang ; Zhou, Wanlei. / Distributed defense against distributed Denial-of-Service attacks. Distributed and Parallel Computing: 6th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP Melbourne, Australia, October 2-3, 2005 Proceedings. editor / Michael Hobbs ; Andrzej M. Goscinsk ; Wanlei Zhou. Berlin Germany : Springer, 2005. pp. 357-362 (Lecture Notes in Computer Science ).

@inproceedings{ccd03c83e5354b8a82114315cb286be2,

title = "Distributed defense against distributed Denial-of-Service attacks",

abstract = "Distributed defense is a promising way to neutralize the distributed Denial-of-Service attacks by detecting and responding the attacking sources widespread around the Internet. Components of the distributed defense system will cooperate with each other to combat the attacks. Compared with the centralized defense systems, distributed defense systems can discover the attacks more timely from both source end and victim end, fight the attacks with more resources and take advantage of more flexible strategies. This paper investigates 7 distributed defense systems which make use of various strategies to mitigate the DDoS attacks. Different architectures are designed in these 7 systems to provide distributed DDoS defense solutions. We evaluate these systems in terms of deployment, detection, response, security, robustness and implementation. For each criteria, we give a recommendation on which technologies are best suitable for a successful distributed defense system based on the analysis result. Finally we propose our idea on the design of an effective distributed defense system.",

author = "Wei Shi and Yang Xiang and Wanlei Zhou",

year = "2005",

doi = "10.1007/11564621\_41",

language = "English",

isbn = "9783540292357",

series = "Lecture Notes in Computer Science ",

publisher = "Springer",

pages = "357--362",

editor = "Hobbs, \{Michael \} and Goscinsk, \{Andrzej M. \} and Zhou, \{Wanlei \}",

booktitle = "Distributed and Parallel Computing",

address = "Switzerland",

note = "International Conference on Algorithms and Architectures for Parallel Processing 2005, ICA3PP 2005 ; Conference date: 02-10-2005 Through 03-10-2005",

}

Shi, W, Xiang, Y & Zhou, W 2005, Distributed defense against distributed Denial-of-Service attacks. in M Hobbs, AM Goscinsk & W Zhou (eds), Distributed and Parallel Computing: 6th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP Melbourne, Australia, October 2-3, 2005 Proceedings. Lecture Notes in Computer Science , vol. 3719 , Springer, Berlin Germany, pp. 357-362, International Conference on Algorithms and Architectures for Parallel Processing 2005, Melbourne, Victoria, Australia, 2/10/05. https://doi.org/10.1007/11564621_41

Distributed defense against distributed Denial-of-Service attacks. / Shi, Wei; Xiang, Yang; Zhou, Wanlei.
Distributed and Parallel Computing: 6th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP Melbourne, Australia, October 2-3, 2005 Proceedings. ed. / Michael Hobbs; Andrzej M. Goscinsk; Wanlei Zhou. Berlin Germany: Springer, 2005. p. 357-362 (Lecture Notes in Computer Science ; Vol. 3719 ).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Distributed defense against distributed Denial-of-Service attacks

AU - Shi, Wei

AU - Xiang, Yang

AU - Zhou, Wanlei

N1 - Conference code: 6th

PY - 2005

Y1 - 2005

N2 - Distributed defense is a promising way to neutralize the distributed Denial-of-Service attacks by detecting and responding the attacking sources widespread around the Internet. Components of the distributed defense system will cooperate with each other to combat the attacks. Compared with the centralized defense systems, distributed defense systems can discover the attacks more timely from both source end and victim end, fight the attacks with more resources and take advantage of more flexible strategies. This paper investigates 7 distributed defense systems which make use of various strategies to mitigate the DDoS attacks. Different architectures are designed in these 7 systems to provide distributed DDoS defense solutions. We evaluate these systems in terms of deployment, detection, response, security, robustness and implementation. For each criteria, we give a recommendation on which technologies are best suitable for a successful distributed defense system based on the analysis result. Finally we propose our idea on the design of an effective distributed defense system.

AB - Distributed defense is a promising way to neutralize the distributed Denial-of-Service attacks by detecting and responding the attacking sources widespread around the Internet. Components of the distributed defense system will cooperate with each other to combat the attacks. Compared with the centralized defense systems, distributed defense systems can discover the attacks more timely from both source end and victim end, fight the attacks with more resources and take advantage of more flexible strategies. This paper investigates 7 distributed defense systems which make use of various strategies to mitigate the DDoS attacks. Different architectures are designed in these 7 systems to provide distributed DDoS defense solutions. We evaluate these systems in terms of deployment, detection, response, security, robustness and implementation. For each criteria, we give a recommendation on which technologies are best suitable for a successful distributed defense system based on the analysis result. Finally we propose our idea on the design of an effective distributed defense system.

UR - http://www.scopus.com/inward/record.url?scp=33646432220&partnerID=8YFLogxK

U2 - 10.1007/11564621_41

DO - 10.1007/11564621_41

M3 - Conference Paper

AN - SCOPUS:33646432220

SN - 9783540292357

T3 - Lecture Notes in Computer Science

SP - 357

EP - 362

BT - Distributed and Parallel Computing

A2 - Hobbs, Michael

A2 - Goscinsk, Andrzej M.

A2 - Zhou, Wanlei

PB - Springer

CY - Berlin Germany

T2 - International Conference on Algorithms and Architectures for Parallel Processing 2005

Y2 - 2 October 2005 through 3 October 2005

ER -

Shi W, Xiang Y, Zhou W. Distributed defense against distributed Denial-of-Service attacks. In Hobbs M, Goscinsk AM, Zhou W, editors, Distributed and Parallel Computing: 6th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP Melbourne, Australia, October 2-3, 2005 Proceedings. Berlin Germany: Springer. 2005. p. 357-362. (Lecture Notes in Computer Science ). doi: 10.1007/11564621_41

Distributed defense against distributed Denial-of-Service attacks

Abstract

Publication series

Conference

Access to Document

Other files and links

Cite this