Title :
Mitigating Active Attacks Towards Client Networks Using the Bitmap Filter
Author :
Huang, Chun-Ying ; Chen, Kuan-Ta ; Lei, Chin-Laung
Author_Institution :
Dept. of Electr. Eng., Nat. Taiwan Inst. of Technol., Taipei
Abstract :
With the emergence of active worms, the targets of attacks have been moved from well-known Internet servers to generic Internet hosts, and since the rate at which patches can be applied is always much slower than the spread of a worm, an Internet worm can usually attack or infect millions of hosts in a short time. It is difficult to eliminate Internet attacks globally; thus, protecting client networks from being attacked or infected is a relatively critical issue. In this paper, we propose a method that protects client networks from being attacked by people who try to scan, attack, or infect hosts in local networks via unpatched vulnerabilities. Based on the symmetry of network traffic in both temporal and spatial domains, a bitmap filter is installed at the entry point of a client network to filter out possible attack traffic. Our evaluation shows that with a small amount of memory (less than 1 megabyte), more than 95% of attack traffic can be filtered out in a small- or medium-scale client network
Keywords :
Internet; client-server systems; computer network reliability; invasive software; telecommunication security; telecommunication traffic; Internet hosts; Internet servers; Internet worm; active attack mitigation; bitmap filter; client networks; local networks; random attack traffic; unpatched vulnerabilities; Aggregates; Bandwidth; IP networks; Information filtering; Information filters; Internet; Network servers; Protection; Telecommunication traffic; Web server;
Conference_Titel :
Dependable Systems and Networks, 2006. DSN 2006. International Conference on
Conference_Location :
Philadelphia, PA
Print_ISBN :
0-7695-2607-1
DOI :
10.1109/DSN.2006.54
