The University of Southampton
University of Southampton Institutional Repository

ITS: A DDoS mitigating architecture



Farhat, Hikmat (2007) ITS: A DDoS mitigating architecture. In Innovations and Advanced Techniques in Computer and Information Sciences and Engineering. Kluwer Academic Publishers. pp. 537-541. (doi:10.1007/978-1-4020-6268-1_94).

Record type: Conference or Workshop Item (Paper)

Abstract

We propose a DDoS mitigation architecture that protects legitimate traffic from the large volume of malicious packets during a DDoS bandwidth attack. The system keeps a legitimacy list and gives higher priority to those packets that are on the list. The legitimacy list is kept up to date by keeping only the entries that complete the TCP three-way handshake and thus defeats IP spoofing. Entries in the list contain the IP address and the path signature of active TCP connections. A packet obtains high priority if its path signature strongly correlates with the corresponding path signature stored in the legitimacy list. We show that the scheme is efficient when deployed incrementally by using priority queuing at perimeter routers. An autonomous system (AS) can immediately benefit from our proposed system when deployed even if other ASs do not deploy it.

This record has no associated files available for download.

More information

Published date: 2007
Venue - Dates: 2nd International Joint Conferences on Computer, Information, and Systems Sciences, and Engineering, CISSE 2006, Bridgeport, CT, United States, 2006-12-04 - 2006-12-14

Identifiers

Local EPrints ID: 492314
URI: http://eprints.soton.ac.uk/id/eprint/492314
PURE UUID: 163304e9-62d2-4842-bef7-b0bce05f9621
ORCID for Hikmat Farhat: orcid.org/0000-0002-5043-227X

Catalogue record

Date deposited: 23 Jul 2024 17:15
Last modified: 24 Jul 2024 02:06

Contributors

Author: Hikmat Farhat
