A collaborative peer-to-peer architecture to defend against DDoS attacks

R. Saad, Farid Naït-Abdesselam, A. Serhrouchni
{"title":"A collaborative peer-to-peer architecture to defend against DDoS attacks","authors":"R. Saad, Farid Naït-Abdesselam, A. Serhrouchni","doi":"10.1109/LCN.2008.4664200","DOIUrl":null,"url":null,"abstract":"Nowadays, we are witnessing an important increase in attacks among which distributed denial-of-service (DDoS) that easily flood the victims using multiple paths. Intrusion detection and filtering are necessary mechanisms to combat against these attacks and secure networks. However, the existing detection techniques for DDoS attacks have their entities work in isolation. In this paper, we propose an efficient and distributed collaborative architecture that allows the placement and the cooperation of the defense entities to better address the main security challenges. The use of content based DHT (distributed hash table) algorithm permits also to improve the scalability and the load balancing of the whole system. This modular architecture has been implemented on IDS (intrusion detection system) entities with the DHT Pastry protocol and has shown a promising performance.","PeriodicalId":218005,"journal":{"name":"2008 33rd IEEE Conference on Local Computer Networks (LCN)","volume":"61 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 33rd IEEE Conference on Local Computer Networks (LCN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LCN.2008.4664200","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 22

Abstract

Nowadays, we are witnessing an important increase in attacks among which distributed denial-of-service (DDoS) that easily flood the victims using multiple paths. Intrusion detection and filtering are necessary mechanisms to combat against these attacks and secure networks. However, the existing detection techniques for DDoS attacks have their entities work in isolation. In this paper, we propose an efficient and distributed collaborative architecture that allows the placement and the cooperation of the defense entities to better address the main security challenges. The use of content based DHT (distributed hash table) algorithm permits also to improve the scalability and the load balancing of the whole system. This modular architecture has been implemented on IDS (intrusion detection system) entities with the DHT Pastry protocol and has shown a promising performance.
一种协同的点对点架构,用于防御DDoS攻击
如今,我们目睹了攻击的显著增加,其中分布式拒绝服务(DDoS)很容易通过多条路径淹没受害者。入侵检测和过滤是对抗这些攻击和保护网络安全的必要机制。然而,现有的DDoS攻击检测技术使其实体孤立工作。在本文中,我们提出了一种高效的分布式协作架构,允许国防实体的布局和合作,以更好地应对主要的安全挑战。使用基于内容的DHT(分布式哈希表)算法还可以提高整个系统的可伸缩性和负载平衡。该模块化体系结构已在采用DHT糕点协议的入侵检测系统实体上实现,并显示出良好的性能。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信