Counteracting TCP SYN DDoS attacks using automated model

Author

Tupakula, Udaya Kiran ; Varadharajan, Vijay ; Gajam, Ashok Kumar

Author_Institution

Div. of Inf. & Commun. Sci., Macquarie Univ., Sydney, NSW, Australia

Volume

4

fYear

2004

fDate

29 Nov.-3 Dec. 2004

Firstpage

2240

Abstract

We propose modifications to the automated model to counteract TCP SYN distributed denial of service (DDoS) attacks nearest to the attacking source and also discuss the prototype implementation of our technique. It should be noted that we do not solve the TCP SYN problem, but we enable the victim to differentiate between the traffic originating from good and bad network domains, trace the router that is nearest to the attacking source with a single packet, even if the source address of the packet is spoofed, and prevent the attack traffic at the router which is nearest to the attacking source. Since our model is invoked only during attack times, it has much less overhead, and the main advantage of this technique is that the victim can provide better service for traffic originating from good network domains and completely eliminate or provide limited service for the traffic originating from the bad network domain.

Keywords

computer networks; security of data; telecommunication security; telecommunication traffic; transport protocols; TCP SYN DDoS attacks; attacking source; automated model; bad network domains; computer networks; distributed DoS attacks; distributed denial of service attacks; good network domains; spoof source address; Authorization; Communication system security; Computer crime; Data structures; Information security; Network servers; Prototypes; Telecommunication traffic; Traffic control; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

Global Telecommunications Conference, 2004. GLOBECOM '04. IEEE

Print_ISBN

0-7803-8794-5

Type

conf

DOI

10.1109/GLOCOM.2004.1378407

Filename

1378407