Title :
A collaborative peer-to-peer architecture to defend against DDoS attacks
Author :
Saad, Radwane ; Nait-Abdesselam, Farid ; Serhrouchni, Ahmed
Author_Institution :
TELECOM ParisTech, Paris
Abstract :
Nowadays, we are witnessing an important increase in attacks among which distributed denial-of-service (DDoS) that easily flood the victims using multiple paths. Intrusion detection and filtering are necessary mechanisms to combat against these attacks and secure networks. However, the existing detection techniques for DDoS attacks have their entities work in isolation. In this paper, we propose an efficient and distributed collaborative architecture that allows the placement and the cooperation of the defense entities to better address the main security challenges. The use of content based DHT (distributed hash table) algorithm permits also to improve the scalability and the load balancing of the whole system. This modular architecture has been implemented on IDS (intrusion detection system) entities with the DHT Pastry protocol and has shown a promising performance.
Keywords :
Internet; information filtering; peer-to-peer computing; protocols; security of data; DDoS attacks; DHT Pastry protocol; Internet; collaborative peer-to-peer architecture; distributed collaborative architecture; distributed denial-of-service; distributed hash table algorithm; filtering mechanisms; intrusion detection system; Collaboration; Collaborative work; Computer crime; Filtering; Floods; Intrusion detection; Load management; Peer to peer computing; Protocols; Scalability; DDoS Attacks; DHT; Intrusion Detection; P2P;
Conference_Titel :
Local Computer Networks, 2008. LCN 2008. 33rd IEEE Conference on
Conference_Location :
Montreal, Que
Print_ISBN :
978-1-4244-2412-2
Electronic_ISBN :
978-1-4244-2413-9
DOI :
10.1109/LCN.2008.4664200
