Please use this identifier to cite or link to this item:
Title: A novel technique for detecting DDoS attacks at the early stage
Authors: Xiao, B 
Chen, W
He, Y
Keywords: DDoS Attack
Cooperative detection
Bloom filter
Issue Date: 2006
Publisher: Springer
Source: Journal of supercomputing, 2006, v. 36, p. 235-248 How to cite?
Journal: Journal of supercomputing 
Abstract: Distributed Denial-of-Service (DDoS) attacks pose a serious threat to Internet security. Most current research focuses on detection and prevention methods on the victim server or source side. To date, there has been no work on defenses using valuable information from the innocent client whose IP has been used in attacking packets. In this paper, we propose a novel cooperative system for producing warning of a DDoS attack. The system consists of a client detector and a server detector. The client detector is placed on the innocent client side and uses a Bloom filter-based detection scheme to generate accurate detection results yet consumes minimal storage and computational resources. The server detector can actively assist the warning process by sending requests to innocent hosts. Simulation results show that the cooperative technique presented in this paper can yield accurate DDoS alarms at an early stage. We theoretically show the false alarm probability of the detection scheme, which is insensitive to false alarms when using specially designed evaluation functions.
Appears in Collections:Journal/Magazine Article

View full-text via PolyU eLinks SFX Query
Show full item record

Page view(s)

Last Week
Last month
Citations as of Aug 12, 2018

Google ScholarTM


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.