• DocumentCode
    3125441
  • Title

    TrustGuard: A flow-level reputation-based DDoS defense system

  • Author

    Liu, Haiqin ; Sun, Yan ; Valgenti, Victor C. ; Kim, Min Sik

  • Author_Institution
    Sch. of Electr. Eng. & Comput. Sci., Washington State Univ., Pullman, WA, USA
  • fYear
    2011
  • fDate
    9-12 Jan. 2011
  • Firstpage
    287
  • Lastpage
    291
  • Abstract
    Distributed Denial of Service (DDoS) attacks pose one of the most serious security threats to the Internet. We examine the drawbacks of existing defense schemes. To combat these deficiencies, we propose a credit-based defense system: TrustGuard. Essentially, flows accumulate credit based on the diversity of their packet-size distribution. The more diverse the flow, the more credit it has. Since DDoS attacks demonstrate low diversity they accumulate less credit and are likely to be dropped by the system. Naturally, the performance of TrustGuard greatly depends on the choice of credit accumulation and flow selection methods. We derive our solution by identifying the essential characteristics of DDoS attacks. Our analysis accounts for both micro and macro behaviors of DDoS attacks. The primary goal of this work is to not only detect the occurrence of a DDoS attack, but to also identify the attackers and victims involved. Experimental results demonstrate that TrustGuard performs admirably in both cases.
  • Keywords
    Internet; security of data; Distributed Denial of Service; Internet; credit accumulation; credit based defense system; flow level reputation-based DDoS defense system; flow selection; packet size distribution; security threat; Computer crime; Entropy; Feature extraction; IP networks; Internet; Probabilistic logic; Servers;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Consumer Communications and Networking Conference (CCNC), 2011 IEEE
  • Conference_Location
    Las Vegas, NV
  • Print_ISBN
    978-1-4244-8789-9
  • Type

    conf

  • DOI
    10.1109/CCNC.2011.5766474
  • Filename
    5766474