Eric Y. K. Chan, H. Chan, K. M. Chan, Vivien P. S. Chan, S. Chanson, M. Cheung, C. Chong, Kam-pui Chow, Albert K. T. Hui, L.C.K. Hui, Luke C. K. Lam, W. C. Lau, K. Pun, Anthony Y. F. Tsang, W. Tsang, Sam C. W. Tso, D. Yeung, KY Yu
{"title":"IDR:用于防御分布式拒绝服务攻击的入侵检测路由器","authors":"Eric Y. K. Chan, H. Chan, K. M. Chan, Vivien P. S. Chan, S. Chanson, M. Cheung, C. Chong, Kam-pui Chow, Albert K. T. Hui, L.C.K. Hui, Luke C. K. Lam, W. C. Lau, K. Pun, Anthony Y. F. Tsang, W. Tsang, Sam C. W. Tso, D. Yeung, KY Yu","doi":"10.1109/ISPAN.2004.1300541","DOIUrl":null,"url":null,"abstract":"Distributed denial-of-service (DDoS) attack has turned into one of the major security threats in recent years. Usually the only solution is to stop the services or shut down the victim and then discard the attack traffic only after the DDoS attack characteristics (such as the destination ports of the attack packets) are known. In this paper, we introduce a generic DDoS attack detection mechanism as well as the design and setup of a testbed for performing experiments and analysis. Our results showed that the mechanism can detect DDoS attack. This enables us to proceed to the next steps of packet classification and traffic control.","PeriodicalId":198404,"journal":{"name":"7th International Symposium on Parallel Architectures, Algorithms and Networks, 2004. Proceedings.","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2004-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"48","resultStr":"{\"title\":\"IDR: an intrusion detection router for defending against distributed denial-of-service (DDoS) attacks\",\"authors\":\"Eric Y. K. Chan, H. Chan, K. M. Chan, Vivien P. S. Chan, S. Chanson, M. Cheung, C. Chong, Kam-pui Chow, Albert K. T. Hui, L.C.K. Hui, Luke C. K. Lam, W. C. Lau, K. Pun, Anthony Y. F. Tsang, W. Tsang, Sam C. W. Tso, D. Yeung, KY Yu\",\"doi\":\"10.1109/ISPAN.2004.1300541\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed denial-of-service (DDoS) attack has turned into one of the major security threats in recent years. Usually the only solution is to stop the services or shut down the victim and then discard the attack traffic only after the DDoS attack characteristics (such as the destination ports of the attack packets) are known. In this paper, we introduce a generic DDoS attack detection mechanism as well as the design and setup of a testbed for performing experiments and analysis. Our results showed that the mechanism can detect DDoS attack. This enables us to proceed to the next steps of packet classification and traffic control.\",\"PeriodicalId\":198404,\"journal\":{\"name\":\"7th International Symposium on Parallel Architectures, Algorithms and Networks, 2004. Proceedings.\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2004-05-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"48\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"7th International Symposium on Parallel Architectures, Algorithms and Networks, 2004. Proceedings.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISPAN.2004.1300541\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"7th International Symposium on Parallel Architectures, Algorithms and Networks, 2004. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISPAN.2004.1300541","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
IDR: an intrusion detection router for defending against distributed denial-of-service (DDoS) attacks
Distributed denial-of-service (DDoS) attack has turned into one of the major security threats in recent years. Usually the only solution is to stop the services or shut down the victim and then discard the attack traffic only after the DDoS attack characteristics (such as the destination ports of the attack packets) are known. In this paper, we introduce a generic DDoS attack detection mechanism as well as the design and setup of a testbed for performing experiments and analysis. Our results showed that the mechanism can detect DDoS attack. This enables us to proceed to the next steps of packet classification and traffic control.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
