SEARCH

SEARCH BY CITATION

REFERENCES

  • 1
    Arbor Networks' Seventh Annual Infrastructure Security Report, 2012. http://www.arbornetworks.com/
  • 2
    Schuba CL, Krusl IV, Kuhn MG, Spafford EH, Sundaram A, Zamboni D. Analysis of a denial of service attack on TCP. Proc. 1997 IEEE Symp. Security and Privacy, Oakland, CA, USA, 1997; 208223.
  • 3
    Mirkovic J, Reiher P. A taxonomy of DDoS attacks and DDoS defense mechanisms. ACM SIGCOMM Computer Communication Review 2004; 34(2):3953.
  • 4
    Beitollahi H, Deconinck G. Analyzing well-known countermeasures against distributed denial of service attacks. Computer Communications 2012; 35(11): 13121332.
  • 5
    Keromytis AD, Misra V, Rubenstein D. SOS: an architecture for mitigating DDoS attacks. IEEE Journal on Selected Areas in Communications 2004; 22(1): 176188.
  • 6
    Wang X, Reiter MK. A multi-layer framework for puzzle-based denial-of-service defense. International Journal of Information Security 2008; 7(4): 243263.
  • 7
    Fallah MS. A puzzle-based defense strategy against flooding attacks using game theory. IEEE Transactions on Dependable and Secure Computing 2010; 7(1): 519.
  • 8
    Yau DKY, Lui JCS, Liang F. Defending against distributed denial-of-service attacks with max–min fair server-centric router throttles. IEEE/ACM Transactions on Networking 2005; 13(1): 2942.
  • 9
    Mahajan R, Bellovin SM, Floyd S, Ioannidis J, Paxon V, Shenker S. Controlling high bandwidth aggregates in the network. ACM Computer Communication Review 2002; 32(3): 6273.
  • 10
    Peng T, Leckie C, Ramamohanarao K. Defending against distributed denial of service attacks using selective pushback. In Proc. 9th IEEE Int. Conf. Telecommunications (ICT 2002), Beijing, China, 2002; 411429.
  • 11
    Tupakula U, Varadharajan V. A practical method to counteract denial of service attacks. In Proc. 26th Australasian Computer Science Conf. (ACSC2003), Adelaide, Australia, 2003; 275284.
  • 12
    Mirkovic J, Reiher P. D-WARD: a source-end defense against flooding denial-of-service attacks. IEEE Transactions on Dependable and Secure Computing 2005; 2(3): 216232.
  • 13
    Lam H, Li C, Chanson ST, Yeung D. A coordinated detection and response scheme for distributed denial-of-service attacks. In Proc. IEEE Int. Conf. Communications, Istanbul, Turkey, 2006; 21652170.
  • 14
    Mirkovic J, Robinson M, Reiher P, Oikonomou G. A framework for collaborative DDoS defense. In Proc. 22nd Annual Computer Security Applications Conf., Miami, FL, 2006; 3342.
  • 15
    You Y, Zulkernine M, Haque A. A distributed defense framework for flooding-based DDoS attacks. In Proc. 3rd Int. Conf. Availability, Reliability and Security, Barcelona, Spain, 2008; 245252.
  • 16
    Jian-Qi Z, Feng F, Kim C, Ke-xin Y, Yan-Heng L. A DoS detection method based on composition self-similarity. KSII Transactions on Internet and Information Systems 2010; 6(5): 14631478.
  • 17
    Ferguson P, Senie D. Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing. RFC 2827, Internet Engineering Task Force (IETF), 2000.
  • 18
    Park K, Lee H. On the effectiveness of router-based packet filtering for distributed DoS attack prevention in power-law Internets. In Proc. 2001 ACM SIGCOMM Conf., San Diego, CA, 2001; 1526.
  • 19
    Duan Z, Yuan X, Chandrashekar J. Controlling IP spoofing through interdomain packet filters. IEEE Transactions on Dependable and Secure Computing 2008; 5(1):2236.
  • 20
    Stone R. CenterTrack: an IP overlay network for tracking DoS floods. Proc. 9th Conf. USENIX Security Symposium, Denver, CO, 2000; 199212.
  • 21
    Papadopoulos C, Lindell R, Mehringer J, Hussain A, Gavindan R. COSSACK: coordinated suppression of simultaneous attacks. Proc. DARPA Information Survivability Conference and Exposition (DISCEX'03), Washington, DC, 2003; 213.
  • 22
    Wan K, Chang R. Engineering of a global defense infrastructure for DDoS attacks. Proc. 10th IEEE Int. Conf. Networks, Grand Copthorne Waterfront, Singapore, 2002; 419427.
  • 23
    Yan R, Zheng Q, Li H. Combining adaptive filtering and IF flows to detect DDoS attacks within a router. KSII Transactions on Internet and Information Systems 2010; 4(3): 428451.
  • 24
    Jin C, Wang H, Shin KG. Hop-count filtering: an effective defense against spoofed DDoS traffic. Proc. 10th ACM Conf. Computer and Communications Security, Washington, DC, USA, 2003; 3041.
  • 25
    Burch H, Cheswick B. Tracing anonymous packets to their approximate source. In Proc. USENIX 14th Systems Administration Conf., New Orleans, LA, 2000; 319327.
  • 26
    Savage S, Wetherall D, Karlin A, Anderson T. Practical network support for IP traceback. In Proc. 2000 ACM SIGCOMM Conf., Stockholm, Sweden, 2000; 295306.
  • 27
    Adler M. Tradeoffs in probabilistic packet marking for IP traceback. In Proc. 34th Annual ACM Symp. Theory of Computing, Montreal, Quebec, Canada, 2002; 407418.
  • 28
    Al-Duwairi B, Govindarasu M. Novel hybrid schemes employing packet marking and logging for IP traceback. IEEE Transactions on Parallel and Distributed Systems 2006; 17(5): 403418.
  • 29
    Song D, Perrig A. Advanced and authenticated marking schemes for IP traceback. In Proc. IEEE INFOCOM 2001, Anchorage, Alaska, Jun. 2001; 878886.
  • 30
    Strayer WT, Jones CE, Tchakountio F, et al. Traceback of single IP packets using SPIE. In Proc. DARPA Information Survivability Conf. and Exposition, Washington, DC, Apr. 2003; 266270.
  • 31
    Yaar A, Perrig A, Song D. FIT: fast Internet traceback. In Proc. IEEE INFOCOM 2005, Miami, FL, Mar. 2005; 13951406.
  • 32
    Sung M, Xu J. IP traceback-based intelligent packet filtering: a novel technique for defending against Internet DDoS attacks. IEEE Transactions on Parallel and Distributed Systems 2003; 14(9): 861872.
  • 33
    Song Q, Chen S. Perimeter-based defense against high bandwidth DDoS attacks. IEEE Transactions on Parallel and Distributed Systems 2005; 16(6):526537.
  • 34
    Evans D, Larochelle D. Improving security using extensible lightweight static analysis. IEEE Software 2002; 19(1):4251.
  • 35
    Yaar A, Perrig A, Song D. Pi: a path identification mechanism to defend against DDoS attacks. In Proc. 2003 IEEE Symp. Security and Privacy, Oakland, CA, May 2003; 93109.
  • 36
    Yaar A, Perrig A, Song D. StackPi: new packet marking and filtering mechanisms for DDoS and IP Spoofing Defense. IEEE Journal on Selected Areas in Communications 2006; 24(10):18531863.
  • 37
    Yaar A, Perrig A, Song D. SIFF: a stateless Internet flow filter to mitigate DDoS flooding attacks. In Proc. 2004 IEEE Symp. Security and Privacy, Berkeley, CA, May 2004; 130143.
  • 38
    Chen Y, Das S, Dhar P, El Saddik A, Nayak A. Detecting and preventing IP-spoofed distributed DoS attacks. International Journal of Network Security 2008; 7(1): 6980.
  • 39
    Kim Y, Lau WC, Chuah MC, Chao HJ. PacketScore: statistics-based overload control against distributed denial of service attacks. In Proc. IEEE INFOCOM 2004, Hong Kong, Mar. 2004; 25942604.
  • 40
    Ayres PE, Sun H, Chao HJ, Lau WC. A DDoS defense system for high-speed networks. IEEE Journal on Selected Areas in Communications 2006; 24(10): 18641876.
  • 41
    Paxon V. End-to-end routing behavior in the Internet. IEEE/ACM Transactions on Networking 1997; 5(5): 601615.
  • 42
    Wei D, Ansari N. Implementing IP traceback in the Internet—an ISP perspective. In Proc. 3rd Annual IEEE Workshop Information Assurance, West Point, NY, Jun. 2002; 326332.
  • 43
    Tseng Y, Chen H, Hsieh W. Probabilistic packet marking with non-preemptive compensation. IEEE Communications Letters 2004; 8(6): 359361.
  • 44
    Karlof C, Sastry N, Li Y, Perrig A, Tygar JD. Distillation codes and applications to DoS resistant multicast authentication. In Proc. 11th Annual Network and Distributed System Security Symp. (NDSS'04), San Diego, CA, Feb. 2004; 3756.
  • 45
    Flajolet P, Gardy D, Thimonier L. Birthday paradox, coupon collectors, caching algorithms and self-organizing search. Discrete Applied Mathematics 1992; 39(3): 207229.
  • 46
    CAIDA's Skitter Project Web Page, 2004. http://www.caida.org/tools/skitter/