Article code: 432205
Journal code: 688744
Publication year: 2006
English article: 13 pages, PDF
Full-text version: Free download
English title of the ISI article
Honeypot back-propagation for mitigating spoofing distributed Denial-of-Service attacks
Related topics
Engineering and Basic Sciences, Computer Engineering, Computational Theory and Mathematics
English abstract

The Denial-of-Service (DoS) attack is a challenging problem in the current Internet. Many schemes have been proposed to trace spoofed (forged) attack packets back to their sources. Among them, hop-by-hop schemes are less vulnerable to router compromise than packet marking schemes, but they require accurate attack signatures, high storage or bandwidth overhead, and cooperation of many ISPs. In this paper, we propose honeypot back-propagation, an efficient hop-by-hop traceback mechanism, in which accurate attack signatures are obtained by a novel leverage of the roaming honeypots scheme. The reception of attack packets by a roaming honeypot (a decoy machine camouflaged within a server pool) triggers the activation of a tree of honeypot sessions rooted at the honeypot under attack toward attack sources. The tree is formed hierarchically, first at Autonomous System (AS) level and then at router level. Honeypot back-propagation supports incremental deployment by providing incentives for ISPs even with partial deployment. Against low-rate attackers, most traceback schemes would take a long time to collect the needed number of packets. To address this problem, we also propose progressive back-propagation to handle low-rate attacks, such as on-off attacks with short bursts. Analytical and simulation results demonstrate the effectiveness of the proposed schemes under a variety of DDoS attack scenarios.

Publisher
Database: Elsevier - ScienceDirect
Journal: Journal of Parallel and Distributed Computing - Volume 66, Issue 9, September 2006, Pages 1152-1164