Securing hybrid wired/mobile IP networks from TCP-flooding based denial-of-service attacks

Tarik Taleb; Hiroki Nishiyama; Nei Kato; Yoshiaki Nemoto

doi:10.1109/GLOCOM.2005.1578290

Securing hybrid wired/mobile IP networks from TCP-flooding based denial-of-service attacks

Tarik Taleb, Hiroki Nishiyama, Nei Kato, Yoshiaki Nemoto

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Protection of Mobile IP networks from Denial-of-Service (DoS) attacks, a serious security threat in today's Internet, is a one major step toward making this paradigm a reality. The paper proposes a method to detect DoS attacks, issued from mobile users, in the vicinity of flooding sources and in early stages before they cripple the targeted system. The fundamental challenge in attack detection consists in distinguishing between simple flash events and DoS attacks so as not to deprive innocent users from having legitimate accesses. In the proposed mechanism, this distinction is based on the fact that legitimate TCP flows obey the congestion control protocol, whereas misbehaving sources remain unresponsive. Suspicious flows are sent a test feedback and are required to decrease their sending rates. Legitimacy of such flows is decided based on their responsiveness. The scheme performance is evaluated through a set of simulations and encouraging results are obtained: short detection latency and high detection accuracy.

Original language	English
Title of host publication	GLOBECOM'05
Subtitle of host publication	IEEE Global Telecommunications Conference, 2005
Pages	2907-2911
Number of pages	5
DOIs	https://doi.org/10.1109/GLOCOM.2005.1578290
Publication status	Published - 2005 Dec 1
Event	GLOBECOM'05: IEEE Global Telecommunications Conference, 2005 - St. Louis, MO, United States Duration: 2005 Nov 28 → 2005 Dec 2

Publication series

Name	GLOBECOM - IEEE Global Telecommunications Conference
Volume	5

Other

Other	GLOBECOM'05: IEEE Global Telecommunications Conference, 2005
Country	United States
City	St. Louis, MO
Period	05/11/28 → 05/12/2

ASJC Scopus subject areas

Engineering(all)

Access to Document

10.1109/GLOCOM.2005.1578290

Fingerprint Dive into the research topics of 'Securing hybrid wired/mobile IP networks from TCP-flooding based denial-of-service attacks'. Together they form a unique fingerprint.

Cite this

Securing hybrid wired/mobile IP networks from TCP-flooding based denial-of-service attacks. / Taleb, Tarik; Nishiyama, Hiroki ; Kato, Nei; Nemoto, Yoshiaki.

GLOBECOM'05: IEEE Global Telecommunications Conference, 2005. 2005. p. 2907-2911 1578290 (GLOBECOM - IEEE Global Telecommunications Conference; Vol. 5).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Taleb, T, Nishiyama, H , Kato, N & Nemoto, Y 2005, Securing hybrid wired/mobile IP networks from TCP-flooding based denial-of-service attacks. in GLOBECOM'05: IEEE Global Telecommunications Conference, 2005., 1578290, GLOBECOM - IEEE Global Telecommunications Conference, vol. 5, pp. 2907-2911, GLOBECOM'05: IEEE Global Telecommunications Conference, 2005, St. Louis, MO, United States, 05/11/28. https://doi.org/10.1109/GLOCOM.2005.1578290

@inproceedings{e5c75e2d921847d9980631d745cd30a3,

title = "Securing hybrid wired/mobile IP networks from TCP-flooding based denial-of-service attacks",

abstract = "Protection of Mobile IP networks from Denial-of-Service (DoS) attacks, a serious security threat in today's Internet, is a one major step toward making this paradigm a reality. The paper proposes a method to detect DoS attacks, issued from mobile users, in the vicinity of flooding sources and in early stages before they cripple the targeted system. The fundamental challenge in attack detection consists in distinguishing between simple flash events and DoS attacks so as not to deprive innocent users from having legitimate accesses. In the proposed mechanism, this distinction is based on the fact that legitimate TCP flows obey the congestion control protocol, whereas misbehaving sources remain unresponsive. Suspicious flows are sent a test feedback and are required to decrease their sending rates. Legitimacy of such flows is decided based on their responsiveness. The scheme performance is evaluated through a set of simulations and encouraging results are obtained: short detection latency and high detection accuracy.",

author = "Tarik Taleb and Hiroki Nishiyama and Nei Kato and Yoshiaki Nemoto",

year = "2005",

month = dec,

day = "1",

doi = "10.1109/GLOCOM.2005.1578290",

language = "English",

isbn = "0780394143",

series = "GLOBECOM - IEEE Global Telecommunications Conference",

pages = "2907--2911",

booktitle = "GLOBECOM'05",

note = "GLOBECOM'05: IEEE Global Telecommunications Conference, 2005 ; Conference date: 28-11-2005 Through 02-12-2005",

}

TY - GEN

T1 - Securing hybrid wired/mobile IP networks from TCP-flooding based denial-of-service attacks

AU - Taleb, Tarik

AU - Nishiyama, Hiroki

AU - Kato, Nei

AU - Nemoto, Yoshiaki

PY - 2005/12/1

Y1 - 2005/12/1

N2 - Protection of Mobile IP networks from Denial-of-Service (DoS) attacks, a serious security threat in today's Internet, is a one major step toward making this paradigm a reality. The paper proposes a method to detect DoS attacks, issued from mobile users, in the vicinity of flooding sources and in early stages before they cripple the targeted system. The fundamental challenge in attack detection consists in distinguishing between simple flash events and DoS attacks so as not to deprive innocent users from having legitimate accesses. In the proposed mechanism, this distinction is based on the fact that legitimate TCP flows obey the congestion control protocol, whereas misbehaving sources remain unresponsive. Suspicious flows are sent a test feedback and are required to decrease their sending rates. Legitimacy of such flows is decided based on their responsiveness. The scheme performance is evaluated through a set of simulations and encouraging results are obtained: short detection latency and high detection accuracy.

AB - Protection of Mobile IP networks from Denial-of-Service (DoS) attacks, a serious security threat in today's Internet, is a one major step toward making this paradigm a reality. The paper proposes a method to detect DoS attacks, issued from mobile users, in the vicinity of flooding sources and in early stages before they cripple the targeted system. The fundamental challenge in attack detection consists in distinguishing between simple flash events and DoS attacks so as not to deprive innocent users from having legitimate accesses. In the proposed mechanism, this distinction is based on the fact that legitimate TCP flows obey the congestion control protocol, whereas misbehaving sources remain unresponsive. Suspicious flows are sent a test feedback and are required to decrease their sending rates. Legitimacy of such flows is decided based on their responsiveness. The scheme performance is evaluated through a set of simulations and encouraging results are obtained: short detection latency and high detection accuracy.

UR - http://www.scopus.com/inward/record.url?scp=33846599261&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33846599261&partnerID=8YFLogxK

U2 - 10.1109/GLOCOM.2005.1578290

DO - 10.1109/GLOCOM.2005.1578290

M3 - Conference contribution

AN - SCOPUS:33846599261

SN - 0780394143

SN - 9780780394148

T3 - GLOBECOM - IEEE Global Telecommunications Conference

SP - 2907

EP - 2911

BT - GLOBECOM'05

T2 - GLOBECOM'05: IEEE Global Telecommunications Conference, 2005

Y2 - 28 November 2005 through 2 December 2005

ER -

Securing hybrid wired/mobile IP networks from TCP-flooding based denial-of-service attacks

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Cite this