TY - GEN
T1 - Securing hybrid wired/mobile IP networks from TCP-flooding based denial-of-service attacks
AU - Taleb, Tarik
AU - Nishiyama, Hiroki
AU - Kato, Nei
AU - Nemoto, Yoshiaki
PY - 2005/12/1
Y1 - 2005/12/1
N2 - Protection of Mobile IP networks from Denial-of-Service (DoS) attacks, a serious security threat in today's Internet, is a one major step toward making this paradigm a reality. The paper proposes a method to detect DoS attacks, issued from mobile users, in the vicinity of flooding sources and in early stages before they cripple the targeted system. The fundamental challenge in attack detection consists in distinguishing between simple flash events and DoS attacks so as not to deprive innocent users from having legitimate accesses. In the proposed mechanism, this distinction is based on the fact that legitimate TCP flows obey the congestion control protocol, whereas misbehaving sources remain unresponsive. Suspicious flows are sent a test feedback and are required to decrease their sending rates. Legitimacy of such flows is decided based on their responsiveness. The scheme performance is evaluated through a set of simulations and encouraging results are obtained: short detection latency and high detection accuracy.
AB - Protection of Mobile IP networks from Denial-of-Service (DoS) attacks, a serious security threat in today's Internet, is a one major step toward making this paradigm a reality. The paper proposes a method to detect DoS attacks, issued from mobile users, in the vicinity of flooding sources and in early stages before they cripple the targeted system. The fundamental challenge in attack detection consists in distinguishing between simple flash events and DoS attacks so as not to deprive innocent users from having legitimate accesses. In the proposed mechanism, this distinction is based on the fact that legitimate TCP flows obey the congestion control protocol, whereas misbehaving sources remain unresponsive. Suspicious flows are sent a test feedback and are required to decrease their sending rates. Legitimacy of such flows is decided based on their responsiveness. The scheme performance is evaluated through a set of simulations and encouraging results are obtained: short detection latency and high detection accuracy.
UR - http://www.scopus.com/inward/record.url?scp=33846599261&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33846599261&partnerID=8YFLogxK
U2 - 10.1109/GLOCOM.2005.1578290
DO - 10.1109/GLOCOM.2005.1578290
M3 - Conference contribution
AN - SCOPUS:33846599261
SN - 0780394143
SN - 9780780394148
T3 - GLOBECOM - IEEE Global Telecommunications Conference
SP - 2907
EP - 2911
BT - GLOBECOM'05
T2 - GLOBECOM'05: IEEE Global Telecommunications Conference, 2005
Y2 - 28 November 2005 through 2 December 2005
ER -