Cooperative defense against network attacks

Guangsen Zhang, Manish Parashar

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Distributed denial of service (DDoS) attacks on the Internet have become an immediate problem. As DDoS streams do not have common characteristics, currently available intrusion detection systems (IDS) cannot detect them accurately. As a result, defending against DDoS attacks based on currently available IDS will dramatically affect legitimate traffic. In this paper, we propose a distributed approach to defend against distributed denial of service attacks by coordinating across the Internet. Unlike traditional IDS, we detect and stop DDoS attacks within the intermediate network. In the proposed approach, DDoS defense systems are deployed in the network to detect DDoS attacks independently. A gossip-based communication mechanism is used to exchange information about network attacks between these independent detection nodes to aggregate information about the overall network attacks observed. Using the aggregated information, the individual defense nodes have approximate information about global network attacks and can stop them more effectively and accurately. To provide reliable, rapid and widespread dissemination of attack information, the system is built as a peer-to-peer overlay network on top of the Internet.

Original language: English (US)
Title of host publication: Proceedings of the 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005
Pages: 113-122
Number of pages: 10
State: Published - Dec 1 2005
Event: 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005 - Miami, FL, United States
Duration: May 24 2005 → May 25 2005

Publication series

Name: Proceedings of the 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005

Other

Other: 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005
Country: United States
City: Miami, FL
Period: 5/24/05 → 5/25/05

Fingerprint

Intrusion detection
Internet
Overlay networks
Peer to peer networks
Computer systems
Denial-of-service attack
Communication

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems

Cite this

Zhang, G., & Parashar, M. (2005). Cooperative defense against network attacks. In Proceedings of the 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005 (pp. 113-122). (Proceedings of the 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005).
@inproceedings{5d2d4b0992b04c46874d4707c37dcdb4,
title = "Cooperative defense against network attacks",
author = "Guangsen Zhang and Manish Parashar",
year = "2005",
month = "12",
day = "1",
language = "English (US)",
isbn = "9728865252",
series = "Proceedings of the 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005",
pages = "113--122",
booktitle = "Proceedings of the 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005",

}

TY - GEN

T1 - Cooperative defense against network attacks

AU - Zhang, Guangsen

AU - Parashar, Manish

PY - 2005/12/1

Y1 - 2005/12/1

UR - http://www.scopus.com/inward/record.url?scp=78651059765&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=78651059765&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:78651059765

SN - 9728865252

SN - 9789728865252

T3 - Proceedings of the 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005

SP - 113

EP - 122

BT - Proceedings of the 3rd International Workshop on Security in Information Systems, WOSIS 2005, in Conjunction with ICEIS 2005

ER -
