Detection and identification mechanism against spoofed traffic using distributed agents

Mihui Kim, Kijoon Chae

Research output: Contribution to journalArticlepeer-review

3 Scopus citations

Abstract

Recently, as the serious damage caused by spoofed traffic like DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not provide effective defense against these attacks, and cannot especially identify the origin generating the spoofed traffic. In this paper, we describe a simple and practical solution that supports the immediate detection and identification for spoofing attack agent. Proposed agent needs only one per a router, and the modification of legacy routers is not required. So, if agents as many as routers are distributed, they can perfectly detect the spoofed traffic generated on themselves network, and directly identify the attack agent, regardless of spoofing level. We implement the proposed mechanism, experiment with strong DDoS tool on the real network, and confirm the effectiveness of our design.

Original languageEnglish
Pages (from-to)673-682
Number of pages10
JournalLecture Notes in Computer Science
Volume3043
DOIs
StatePublished - 2004

Fingerprint

Dive into the research topics of 'Detection and identification mechanism against spoofed traffic using distributed agents'. Together they form a unique fingerprint.

Cite this