CFP last date
20 January 2025
Reseach Article

A Peer-to-Peer Architecture to collaboratively Propagate and Traceback DDoS Attack information using DST

by P.Syam Kumar, Dr.R.Subramanian, D.Thamizh Selvam, P.S.Vinayagam
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 5 - Number 3
Year of Publication: 2010
Authors: P.Syam Kumar, Dr.R.Subramanian, D.Thamizh Selvam, P.S.Vinayagam
10.5120/899-1274

P.Syam Kumar, Dr.R.Subramanian, D.Thamizh Selvam, P.S.Vinayagam . A Peer-to-Peer Architecture to collaboratively Propagate and Traceback DDoS Attack information using DST. International Journal of Computer Applications. 5, 3 ( August 2010), 8-14. DOI=10.5120/899-1274

@article{ 10.5120/899-1274,
author = { P.Syam Kumar, Dr.R.Subramanian, D.Thamizh Selvam, P.S.Vinayagam },
title = { A Peer-to-Peer Architecture to collaboratively Propagate and Traceback DDoS Attack information using DST },
journal = { International Journal of Computer Applications },
issue_date = { August 2010 },
volume = { 5 },
number = { 3 },
month = { August },
year = { 2010 },
issn = { 0975-8887 },
pages = { 8-14 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume5/number3/899-1274/ },
doi = { 10.5120/899-1274 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T19:53:17.185006+05:30
%A P.Syam Kumar
%A Dr.R.Subramanian
%A D.Thamizh Selvam
%A P.S.Vinayagam
%T A Peer-to-Peer Architecture to collaboratively Propagate and Traceback DDoS Attack information using DST
%J International Journal of Computer Applications
%@ 0975-8887
%V 5
%N 3
%P 8-14
%D 2010
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Distributed Denial of Service attacks has become prevalent in the context of ever growing Internet. Numerous attacks have taken place in the past and numerous solutions have been suggested. Intrusion detection and filtering are necessary mechanisms to combat against these attacks and secure networks. However, the existing detection techniques for DDoS attacks have their entities work in isolation. In this paper, we propose an efficient and distributed collaborative architecture that allows the placement and the cooperation of the defense entities to better address the main security challenges. The use of Distributed Spanning Trees (DST) algorithm controls the damage caused by Distributed Denial of Service attacks by using propagation and traceback mechanism. Simulations show that DST-based tracing behave better than randomly generated graphs and trees as it generates less messages to query all computers while avoiding the tree bottlenecks.

References
  1. “Arbor networks worldwide infrastructure security report”,2008. http://www.arbornetworks.com
  2. O. Demir, “A survey of network denial of service attacks and countermeasures,” City University of New York, ComputerScience Department, Tech. Rep., 2009.
  3. Sylvain Dahan, Laurent Philippe, and Jean-Marc Nicod, “The Distributed Spanning Tree Structure”, IEEE Trans. Parallel and Distributed Systems, vol.20, no.12, pp.1738-1751, December 2009.
  4. Mihui Kim, Inshil Doh and Kijoon Chae, “Defense Mechanism using Overlay against DDoS Attacks on Converged Networks”, ICACT2007, pp. 1539-1543, February 2007.
  5. D. Moore, G. Voelker, and S. Savage, “Inferring Internet Denial of Service Activity”. In Proceedings of the 2001 USENIX Security Symposium, Washington D.C., August 2001.
  6. P. Ferguson, D. Senie, “Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing”. In IETF, RFC 2267, January 1998.
  7. SR. Snapp et al. “DIDS (Distributed Intrusion Detection System)- motivation architecture and an early prototype”. In Proceedings of the 14th national computer security conference, Washington DC, October 1999.
  8. RA. Kemmerer. “NSTAT: a model-based real-time network intrusion detection system”. In Technical Report TRCS97-18, Reliable Software Group, Department of Computer Science, University of California at Santa Barbara, 1997.
  9. G. B. White, E. A. Fisch, U. W. Pooch, “Cooperating security managers: A peer-based intrusion detection system”. IEEE Network, 10(1):20-23, January / February 1996.
  10. E. H. Spafford, and D. Zamboni, “Intrusion detection using autonomous agents”, In Computer Networks, vol. 34, No. 4, pp. 547-570, 2000.
  11. “Snort: The Open Source Network Intrusion Detection System”, www.snort.org.
  12. T.M. Gil, M. Poleto, “MULTOPS: a data-structure for bandwidth attack detection” In Proceedings of 10th Usenix Security Symposium,Washington, DC, pp. 23–38, August 2001.
  13. H. Hazeyama, Y. Kadobayashi, D. Miyamoto, and M. Oe. “An autonomous architecture for inter-domain Traceback across the borders of network operation”. In Proceedings of 11th IEEE Symposium on Computers and Communications (ISCC ’06), pages 378–385, June 2006.
  14. J. Liu, Z. Lee, and Y. Chung, “Efficient dynamic probabilistic packet marking for IP traceback”. In Proceedingd of the 11th International Conf. Networks (ICON 2003), Sydney, Australia, , pp.475-480, September 2003.
  15. A. Belenky, N. Ansarin, “Tracing multiple attackers with deterministic packet marking (DPM)”. In Proceedings of IEEE PacRim vol. 1, pp. 49-52, August 2003,
  16. R. Mahajan, S. M. Bellovin, S. Floyd, J. Ioannidis, V. Paxson, and S. Shenker, “Controlling high bandwidth aggregates”. In The network. SIGCOMM Comput. Commun. Rev., 32(3) :62_73, 2002.
  17. J. Ioannidis and S. M. Bellovin, “Implementing pushback : Routerbased defense against ddos attacks”. In NDSS. The Internet Society, 2002.
  18. L. Peluso, D. Cotroneo, S. P. Romano, G. Ventre, “ASSYST: an Active Security System against DoS attacks”. Technical Report. Dept.of Computer Sciences, University of Napoli, Italy, April 2001.
  19. J.Mirkovic, M.Robinson, P.Reiher, and G.Oikonomou, “Distributed Defense Against DDOS Attacks”. University of Delaware CIS Department Technical Report CIS-TR-2005- 02, 2005.
  20. Radwane Saad, Farid Nait-Abdesselam and Ahmed Serhrouchni, “A Collaborative Peer-to-peer Architecture to Defend Against DDoS Attacks”, Prod. 33rd IEEE Conference LCN2008, pp.427-434, 2008.
Index Terms

Computer Science
Information Sciences

Keywords

DDoS DST P2P Overlay Propagation Traceback IDS