TY - GEN
T1 - Integrated notification architecture based on overlay against DDoS attacks on convergence network
AU - Kim, Mihui
AU - Seo, Jaewon
AU - Chae, Kijoon
PY - 2007
Y1 - 2007
N2 - The distributed denial of service (DDoS) attack that is one of the most threatening attacks in the wired network has been already extended in the wireless mobile network, owing to the appearance of DDoS attack tool against mobile phone. In the future, the latent threats for the converged form of DDoS attack should be resolved for the induction of successful convergence network. However, because of the current problems in defending against converged DDoS attacks on convergence network, such as the absence of a converged defense, research on cooperation architecture between defense processes is critical. In this paper, we analyze possible converged attacks, thus we propose a scalable and dynamic notification architecture based on overlay routing against DDoS attacks in consideration of the capacity of each node. A main feature of this architecture is the speedy notification of attack detection to each highest defense system in the network of the attack agents as well as in the victims. Thus it makes it possible not only to fast defense at the network of victims but also to identify attack agents. We analyzed the overhead for constructing our hierarchical overlay, simulated the transmission rate and speed of detection notification, and found a marked improvement using our defense compared to general routes.
AB - The distributed denial of service (DDoS) attack that is one of the most threatening attacks in the wired network has been already extended in the wireless mobile network, owing to the appearance of DDoS attack tool against mobile phone. In the future, the latent threats for the converged form of DDoS attack should be resolved for the induction of successful convergence network. However, because of the current problems in defending against converged DDoS attacks on convergence network, such as the absence of a converged defense, research on cooperation architecture between defense processes is critical. In this paper, we analyze possible converged attacks, thus we propose a scalable and dynamic notification architecture based on overlay routing against DDoS attacks in consideration of the capacity of each node. A main feature of this architecture is the speedy notification of attack detection to each highest defense system in the network of the attack agents as well as in the victims. Thus it makes it possible not only to fast defense at the network of victims but also to identify attack agents. We analyzed the overhead for constructing our hierarchical overlay, simulated the transmission rate and speed of detection notification, and found a marked improvement using our defense compared to general routes.
UR - http://www.scopus.com/inward/record.url?scp=38149024791&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-75664-4_49
DO - 10.1007/978-3-540-75664-4_49
M3 - Conference contribution
AN - SCOPUS:38149024791
SN - 9783540756637
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 466
EP - 476
BT - Software Technologies for Embedded and Ubiquitous Systems - 5th IFIP WG 10.2 International Workshop, SEUS 2007, Revised Papers
A2 - Obermaisser, Roman
A2 - Puschner, Peter
A2 - Nah, Yunmook
A2 - Rammig, Peter
PB - Springer Verlag
T2 - 5th IFIP WG 10.2 International Workshop on Software Technologies for Embedded and Ubiquitous Systems, SEUS 2007
Y2 - 7 May 2007 through 8 May 2007
ER -