Abstract
As distributed denial-of-service (DDoS) attacks have caused serious economic and social problems, there have been numerous researches to defend against them. The current DDoS defense system relies on a dedicated security device, which is located in front of the server it is required to protect. To detect DDoS attacks, this security device compares incoming traffic to known attack patterns. Since such a defense mechanism cannot prevent an influx of attack traffic into the network, and every packet must be compared against the known attack patterns, the mechanism often degrades the service. In this paper, we propose a pseudo state-based DDoS detection mechanism using dynamic hashing scheme, which runs on network devices to defend against DDoS attacks without sacrificing performance in terms of data forwarding. The proposed mechanism is suitable for both low- and high-rate attacks. In addition, we verified the performance of the proposed mechanism by evaluating its performance using a DDoS attack similar to the one that occurred in Korea and the USA on July 7th, 2009.
This research was partially supported by Basic Science Research Program through the National Research Foundation of Korea(NRF) funded by the Ministry of Education, Science, and Technology(Grant No. 2012R1A1A4A01004195).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Wang, H., Zhang, D., Shin, K.G.: Detecting SYN Flooding Attacks. In: Proc. IEEE Infocom, pp. 1530–1539 (2002)
Ioannidis, J., Bellovin, S.M.: Implementing Pushback: Router-based Defense Against DDoS Attacks. In: Proc. NDSS 2002 (2002)
Gong, C., Sarac, K.: A More Practical Approach for Single-Packet IP Traceback Using Packet Logging and Marking. IEEE TPDS 19 (2008)
Kuzmanovic, A., Knightly, E.W.: Low-Rate TCP-Targeted Denial of Service Attacks and Counter Strategies. IEEE/ACM Transactions on Networking (2001)
Sun, H., Zhaung, Y., Chao, H.J.: A Principal Components Analysis-based Robust DDoS Defense System. In: ICCC (2008)
Shon, T., Kim, Y., Lee, C., et al.: A Machine Learning Framework for Network Anomaly Detection using SVM and GA. In: The 6th Annual IEEE SMC (2005)
BBC News: New ’cyber attacks’ hit S Korea (July 09, 2009)
Waldvogel, M., Varghese, G., Turner, J.: Scalable High Speed IP Routing Lookups (1997), dl.acm.org
Broder, A., Mitzenmacher, M.: Using multiple hash functions to improve IP lookups. In: IEEE INFOCOM (2001)
Litwin, W.: Linear Hashing: A New Tool For File and Table Addressing. IEEE (1980)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Park, P., Yoo, S., Choi, Si., Park, J., Ryu, H.Y., Ryou, J. (2012). A Pseudo State-Based Distributed DoS Detection Mechanism Using Dynamic Hashing. In: Kim, Th., et al. Computer Applications for Security, Control and System Engineering. Communications in Computer and Information Science, vol 339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35264-5_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-35264-5_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35263-8
Online ISBN: 978-3-642-35264-5
eBook Packages: Computer ScienceComputer Science (R0)