Title :
Design and Validation of PATRICIA for the Mitigation of Network Flooding Attacks
Author :
Wang, Lan ; Wu, Qishi ; Liu, Yaoqing
Author_Institution :
Dept. of Comput. Sci., Univ. of Memphis, Memphis, TN, USA
Abstract :
A recent trend in Internet denial-of-service attacks is to distribute the attack sources among a large number of compromised computers. To effectively control such attacks, the attack traffic must be stopped at an early stage, which means those edge networks that host the attack sources must be given proper incentives and mechanisms to stop undesirable traffic. We previously proposed an architecture called PATRICIA, where edge networks cooperate to prevent misbehaving sources from flooding traffic in both control and data channels. In this paper, we flesh out the details of the control protocols in PATRICIA and propose an important revision to the previous design to make it more robust against collusion attacks. Furthermore, we present the results from extensive simulation experiments to validate our design.
Keywords :
Internet; telecommunication security; Internet; PATRICIA; collusion attack; denial-of-service attack; network flooding attack; Communication system traffic control; Computer crime; Floods; Information filtering; Information filters; Internet; Large-scale systems; Protocols; Telecommunication traffic; Traffic control; Denial-of-Service attack mitigation; capability; collusion attack; control traffic flooding; packet filtering;
Conference_Titel :
Computational Science and Engineering, 2009. CSE '09. International Conference on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4244-5334-4
Electronic_ISBN :
978-0-7695-3823-5
DOI :
10.1109/CSE.2009.141
