TY - JOUR
T1 - Detection and identification mechanism against spoofed traffic using distributed agents
AU - Kim, Mihui
AU - Chae, Kijoon
PY - 2004
Y1 - 2004
N2 - Recently, as the serious damage caused by spoofed traffic like DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not provide effective defense against these attacks, and cannot especially identify the origin generating the spoofed traffic. In this paper, we describe a simple and practical solution that supports the immediate detection and identification for spoofing attack agent. Proposed agent needs only one per a router, and the modification of legacy routers is not required. So, if agents as many as routers are distributed, they can perfectly detect the spoofed traffic generated on themselves network, and directly identify the attack agent, regardless of spoofing level. We implement the proposed mechanism, experiment with strong DDoS tool on the real network, and confirm the effectiveness of our design.
AB - Recently, as the serious damage caused by spoofed traffic like DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not provide effective defense against these attacks, and cannot especially identify the origin generating the spoofed traffic. In this paper, we describe a simple and practical solution that supports the immediate detection and identification for spoofing attack agent. Proposed agent needs only one per a router, and the modification of legacy routers is not required. So, if agents as many as routers are distributed, they can perfectly detect the spoofed traffic generated on themselves network, and directly identify the attack agent, regardless of spoofing level. We implement the proposed mechanism, experiment with strong DDoS tool on the real network, and confirm the effectiveness of our design.
UR - http://www.scopus.com/inward/record.url?scp=33645596804&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-24707-4_79
DO - 10.1007/978-3-540-24707-4_79
M3 - Article
AN - SCOPUS:33645596804
SN - 0302-9743
VL - 3043
SP - 673
EP - 682
JO - Lecture Notes in Computer Science
JF - Lecture Notes in Computer Science
ER -