Distributed Denial of service (DDoS) is one of the most difficult security problems to address. While many existing techniques (e.g., IP traceback) focus on tracking the location of the attackers after-the-fact, little is done to mitigate the effect of an attack while it is raging on. In this paper, we present a novel technique that can effectively filter out the majority of DDoS traffic, thus improving the overall throughput of the legitimate traffic. The proposed scheme leverages on and generalizes the IP traceback schemes to obtain the information concerning whether a network edge is on the attacking path of an attacker ("infected") or not ("clean"). We observe that while an attacker will have all the edges on its path marke...
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. However, the mem...
Abstract: Problem statement: Distributed Denial of Service (DDoS) was a serious threat to the intern...
In this paper, we present a new approach, called Flexible Deterministic Packet Marking (FDPM), to pe...
Distributed Denial of Service (DDoS) is one of the most difficult security problems to address. Whil...
Abstract—Internet Protocol (IP) traceback is the enabling technology to control Internet crime. In t...
The paper describes a Non-Intrusive IP traceback scheme which uses sampled traffic under non-attack ...
The threat of malicious Internet activities such as Distributed Denial of Service (DDoS) attacks, sp...
Currently Distributed Denial of Service (DDoS) attacks have been identified as one of the most serio...
Internet Protocol (IP) traceback is the enabling technology to control Internet crime. In this paper...
This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back ...
For the macroscopic traceback problem, we propose an algorithm, which leverages the well-known Chand...
Distributed denial-of-service attack is one of the most pressing security problems that the Internet...
Abstract—This paper presents an evaluation of two promising schemes for tracing cyber-attacks, the w...
DDoS attack source traceback is an open and challenging problem. Deterministic packet marking (DPM) ...
DDoS attack source traceback is an open and challenging problem. Deterministic packet marking (DPM) ...
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. However, the mem...
Abstract: Problem statement: Distributed Denial of Service (DDoS) was a serious threat to the intern...
In this paper, we present a new approach, called Flexible Deterministic Packet Marking (FDPM), to pe...
Distributed Denial of Service (DDoS) is one of the most difficult security problems to address. Whil...
Abstract—Internet Protocol (IP) traceback is the enabling technology to control Internet crime. In t...
The paper describes a Non-Intrusive IP traceback scheme which uses sampled traffic under non-attack ...
The threat of malicious Internet activities such as Distributed Denial of Service (DDoS) attacks, sp...
Currently Distributed Denial of Service (DDoS) attacks have been identified as one of the most serio...
Internet Protocol (IP) traceback is the enabling technology to control Internet crime. In this paper...
This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back ...
For the macroscopic traceback problem, we propose an algorithm, which leverages the well-known Chand...
Distributed denial-of-service attack is one of the most pressing security problems that the Internet...
Abstract—This paper presents an evaluation of two promising schemes for tracing cyber-attacks, the w...
DDoS attack source traceback is an open and challenging problem. Deterministic packet marking (DPM) ...
DDoS attack source traceback is an open and challenging problem. Deterministic packet marking (DPM) ...
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. However, the mem...
Abstract: Problem statement: Distributed Denial of Service (DDoS) was a serious threat to the intern...
In this paper, we present a new approach, called Flexible Deterministic Packet Marking (FDPM), to pe...