Modelling and Simulation of a Defense Strategy to Face Indirect DDoS Flooding Attacks
| Title | Modelling and Simulation of a Defense Strategy to Face Indirect DDoS Flooding Attacks |
| Publication Type | Book Chapter |
| Year of Publication | 2014 |
| Authors | Furfaro, A, Pace, P, Parise, A, Molina, L |
| Book Title | Internet and Distributed Computing Systems |
| Series Title | Lecture Notes in Computer Science |
| Volume | 8729 |
| Pagination | 263-274 |
| Publisher | Springer International Publishing |
| ISBN Number | 978-3-319-11691-4 |
| Abstract | Distributed Denial of Service (DDoS) flooding attack is one of the most diffused and effective threat against services and applications running over the Internet. Its distributed and cooperative nature makes it complicated to prevent and/or to counteract. StopIt is a robust, filter-based defence mechanism which is able to deal with various types of massive DDoS flooding attacks but which fails when the DDoS is achieved indirectly, i.e. by congestion of a link shared with the victim. This paper introduces an extension of StopIt which makes it able to cooperate with capability-based mechanisms for defeating indirect attacks. The enhanced version of the protocol has been implemented into the ns-3 simulator and its effectiveness has been evaluated under different scenarios. |
| URL | http://dx.doi.org/10.1007/978-3-319-11692-1_23 |
| DOI | 10.1007/978-3-319-11692-1_23 |