抄録
Recently, a botnet based DDoS (Distributed Denial of Service) attack, called target link flooding attack, has been reported that cuts off specific links over the Internet and disconnects a specific region from other regions. Detecting or mitigating the target link flooding attack is more difficult than legacy DDoS attack techniques, since attacking flows do not reach the target region. Although many mitigation schemes are proposed, they detect the attack after it occurs. In this paper, we propose a fast target link flooding attack detection scheme by leveraging the fact that the traceroute packets are increased before the attack caused by the attacker's reconnaissance. Moreover, by analyzing the characteristic of the target link flooding attack that the number of traceroute packets simultaneously increases in various regions over the network, we propose a detection scheme with multiple detection servers to eliminate false alarms caused by sudden increase of traceroute packets sent by legitimate users. We show the effectiveness of our scheme by computer simulations.
| 本文言語 | English |
|---|---|
| ホスト出版物のタイトル | 2015 IEEE International Workshop on Information Forensics and Security, WIFS 2015 - Proceedings |
| 出版社 | Institute of Electrical and Electronics Engineers Inc. |
| ISBN(印刷版) | 9781467368025 |
| DOI | |
| 出版ステータス | Published - 2015 12月 29 |
| イベント | IEEE International Workshop on Information Forensics and Security, WIFS 2015 - Rome, Italy 継続期間: 2015 11月 16 → 2015 11月 19 |
Other
| Other | IEEE International Workshop on Information Forensics and Security, WIFS 2015 |
|---|---|
| 国/地域 | Italy |
| City | Rome |
| Period | 15/11/16 → 15/11/19 |
ASJC Scopus subject areas
- コンピュータ サイエンスの応用
- 情報システム
- コンピュータ ネットワークおよび通信