Title :
TrustGuard: A flow-level reputation-based DDoS defense system
Author :
Liu, Haiqin ; Sun, Yan ; Valgenti, Victor C. ; Kim, Min Sik
Author_Institution :
Sch. of Electr. Eng. & Comput. Sci., Washington State Univ., Pullman, WA, USA
Abstract :
Distributed Denial of Service (DDoS) attacks pose one of the most serious security threats to the Internet. We examine the drawbacks of existing defense schemes. To combat these deficiencies, we propose a credit-based defense system: TrustGuard. Essentially, flows accumulate credit based on the diversity of their packet-size distribution. The more diverse the flow, the more credit it has. Since DDoS attacks demonstrate low diversity they accumulate less credit and are likely to be dropped by the system. Naturally, the performance of TrustGuard greatly depends on the choice of credit accumulation and flow selection methods. We derive our solution by identifying the essential characteristics of DDoS attacks. Our analysis accounts for both micro and macro behaviors of DDoS attacks. The primary goal of this work is to not only detect the occurrence of a DDoS attack, but to also identify the attackers and victims involved. Experimental results demonstrate that TrustGuard performs admirably in both cases.
Keywords :
Internet; security of data; Distributed Denial of Service; Internet; credit accumulation; credit based defense system; flow level reputation-based DDoS defense system; flow selection; packet size distribution; security threat; Computer crime; Entropy; Feature extraction; IP networks; Internet; Probabilistic logic; Servers;
Conference_Titel :
Consumer Communications and Networking Conference (CCNC), 2011 IEEE
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-8789-9
DOI :
10.1109/CCNC.2011.5766474
