An active security protocol against DoS attacks

Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications Pub Date : 2002-07-01 DOI:10.1109/ISCC.2002.1021721

Domenico Cotroneo, L. Peluso, S. Romano, G. Ventre

{"title":"An active security protocol against DoS attacks","authors":"Domenico Cotroneo, L. Peluso, S. Romano, G. Ventre","doi":"10.1109/ISCC.2002.1021721","DOIUrl":null,"url":null,"abstract":"Denial of service (DoS) attacks represent, in today's Internet, one of the most complex issues to address. A session is under a DoS attack if it cannot achieve its intended throughput due to the misbehavior of other sessions. Many research studies dealt with DoS, proposing models and/or architectures mostly based on an attack prevention approach. Prevention techniques lead to different models, each suitable for a single type of misbehavior, but do not guarantee the protection of a system from a more general DoS attack. We analyze the fundamental requirements to be satisfied in order to protect hosts and routers from any form of distributed DoS (DDoS). Then we propose a network signaling protocol, named active security protocol(ASP), which satisfies most of the defined requirements. ASP provides an active protection from a DDoS attack, being able to adapt its defense strategies to the current type of violation. Protocol specification and design are performed using an object oriented methodology: we used Unified Modeling Language (UML) as a software description language.","PeriodicalId":261743,"journal":{"name":"Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications","volume":"03 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2002-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC.2002.1021721","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

Denial of service (DoS) attacks represent, in today's Internet, one of the most complex issues to address. A session is under a DoS attack if it cannot achieve its intended throughput due to the misbehavior of other sessions. Many research studies dealt with DoS, proposing models and/or architectures mostly based on an attack prevention approach. Prevention techniques lead to different models, each suitable for a single type of misbehavior, but do not guarantee the protection of a system from a more general DoS attack. We analyze the fundamental requirements to be satisfied in order to protect hosts and routers from any form of distributed DoS (DDoS). Then we propose a network signaling protocol, named active security protocol(ASP), which satisfies most of the defined requirements. ASP provides an active protection from a DDoS attack, being able to adapt its defense strategies to the current type of violation. Protocol specification and design are performed using an object oriented methodology: we used Unified Modeling Language (UML) as a software description language.

查看原文本刊更多论文

针对DoS攻击的有效安全协议

在当今的Internet中，拒绝服务(DoS)攻击是需要解决的最复杂问题之一。如果一个会话由于其他会话的错误行为而无法达到其预期的吞吐量，则该会话处于DoS攻击之下。许多研究涉及DoS，提出的模型和/或架构大多基于攻击预防方法。预防技术导致不同的模型，每种模型适用于单一类型的不当行为，但不能保证保护系统免受更一般的DoS攻击。为了保护主机和路由器免受任何形式的分布式DoS (DDoS)攻击，我们分析了需要满足的基本要求。然后，我们提出了一种网络信令协议，称为主动安全协议(ASP)，该协议满足了大多数已定义的要求。ASP提供了针对DDoS攻击的主动保护，能够根据当前的攻击类型调整其防御策略。协议规范和设计使用面向对象的方法执行:我们使用统一建模语言(UML)作为软件描述语言。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications

自引率

0.00%

发文量