PathFinder: Capturing DDoS Traffic Footprints on the Internet

被引：0

作者：

Shi, Lumin ^{[1
]}

Zhang, Mingwei ^{[1
]}

Li, Jun ^{[1
]}

Reiher, Peter ^{[2
]}

机构：

[1] Univ Oregon, Eugene, OR 97403 USA

[2] Univ Calif Los Angeles, Los Angeles, CA USA

来源：

2018 IFIP NETWORKING CONFERENCE (IFIP NETWORKING) AND WORKSHOPS | 2018年

关键词：

distributed denial-of-service; DDoS; traffic foot-print; autonomous system (AS); PFTrie; IP TRACEBACK;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

While distributed denial-of-service (DDoS) attacks are easy to launch and are becoming more damaging, the defense against DDoS attacks often suffers from the lack of relevant knowledge of the DDoS traffic, including the paths the DDoS traffic has used, the source addresses (spoofed or not) that appear along each path, and the amount of traffic per path or per source. Though IP traceback and path inference approaches could be considered, they are either expensive and hard to deploy or inaccurate. We propose PathFinder, a service that a DDoS defense system can use to obtain the footprints of the DDoS traffic to the victim as is. It introduces a PFTrie data structure with multiple design features to log traffic at line rate, and is easy to implement and deploy on today's Internet. We show that PathFinder can significantly improve the efficacy of a DDoS defense system, while PathFinder itself is fast and has a manageable overhead.

引用

页码：10 / 18

页数：9

共 50 条

[41] Toward Scalable and Low-Cost Traffic Testing for Evaluating DDoS Defense Solutions
Chen, Xiang
Liu, Hongyan
Huang, Qun
Zhang, Dong
Zhou, Haifeng
Wu, Chunming
Liu, Xuan
[J]. IEEE-ACM TRANSACTIONS ON NETWORKING, 2024, 32 (01) : 191 - 206
[42] Discriminate, locate and mitigate DDoS traffic in presence of Flash Crowd in Software Defined Network
Patil, Jitendra
Tokekar, Vrinda
Rajan, Alpana
Rawat, Anil
[J]. JOURNAL OF SUPERCOMPUTING, 2022, 78 (15) : 16770 - 16793
[43] Discriminate, locate and mitigate DDoS traffic in presence of Flash Crowd in Software Defined Network
Jitendra Patil
Vrinda Tokekar
Alpana Rajan
Anil Rawat
[J]. The Journal of Supercomputing, 2022, 78 : 16770 - 16793
[44] Identifying DDoS Attacks from Fluctuations in Wireless Traffic in an Intelligent IoT Road Network
Skoufas, Konstantinos
Spyrou, Evangelos D.
Mitrakos, Dimitris
[J]. 2020 16TH INTERNATIONAL WIRELESS COMMUNICATIONS & MOBILE COMPUTING CONFERENCE, IWCMC, 2020, : 451 - 456
[45] DDoS Flooding Attack Detection Based on Joint-entropy with Multiple Traffic Features
Mao, Jiewen
Deng, Weijun
Shen, Fuke
[J]. 2018 17TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (IEEE TRUSTCOM) / 12TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (IEEE BIGDATASE), 2018, : 237 - 243
[46] Programmable traffic monitoring method based on active network techniques and application to DDoS detection
Hasegawa, T
Ano, S
Kubota, F
[J]. IEICE TRANSACTIONS ON COMMUNICATIONS, 2004, E87B (07) : 1890 - 1899
[47] A Study on Traffic Asymmetry for Detecting DDoS Attack in P4-based SDN
Lin, Ting-Yu
Wang, Ching-Yuan
Tuan, Ya-Pei
Tsai, Meng-Hsun
Chen, Yean-Ru
[J]. JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 2022, 38 (06) : 1265 - 1283
[48] System for DDoS attack mitigation by discovering the attack vectors through statistical traffic analysis
Mirchev M.J.
Mirtchev S.T.
[J]. International Journal of Information and Computer Security, 2020, 13 (3-4) : 309 - 321
[49] A DDoS attack detection based on deep learning in software-defined Internet of things
Wang, Jiushuang
Liu, Ying
Su, Wei
Feng, Huifen
[J]. 2020 IEEE 92ND VEHICULAR TECHNOLOGY CONFERENCE (VTC2020-FALL), 2020,
[50] Effective DDoS Mitigation via ML-Driven In-Network Traffic Shaping
Zhao, Ziming
Liu, Zhuotao
Chen, Huan
Zhang, Fan
Song, Zhuoxue
Li, Zhaoxuan
[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2024, 21 (04) : 4271 - 4289

← 1 2 3 4 5 →