research-article

CluB: a cluster based framework for mitigating distributed denial of service attacks

Authors:

Marina Papatriantafilou,

Philippas TsigasAuthors Info & Claims

SAC '11: Proceedings of the 2011 ACM Symposium on Applied Computing

Pages 520 - 527

https://doi.org/10.1145/1982185.1982297

Published: 21 March 2011 Publication History

Abstract

Distributed Denial of Service (DDoS) attacks are threats not only for the direct targets but also for the core of the network. They are also hard to detect in advance, hence methods to deal with them need to be proactive. By building on earlier work and improving on distribution of control aspects, we propose a Cluster Based framework, which is called CluB, to mitigate DDoS attacks; the method balances the effectiveness-overhead trade-off by addressing the issue of granularity of control in the network. CluB can collaborate with different routing policies in the network, including contemporary datagram options. We estimate the effectiveness of the framework and also study a set of factors for tuning the granularity of control.

References

[1]

Crypto++ 5.6.0 benchmarks http://www.cryptopp.com/benchmarks.html, 2009.

[2]

T. Anderson, T. Roscoe, and D. Wetherall. Preventing internet denial-of-service with capabilities. SIGCOMM Comput. Commun. Rev., 34(1): 39--44, 2004.

Digital Library

[3]

K. Argyraki and D. Cheriton. Network capability: The good, the bad and the ugly. In In Proceedings of Workshop on Hot Topics in Networks (HotNets-IV), November 2005.

[4]

K. Argyraki and D. R. Cheriton. Active internet traffic filtering: real-time response to denial-of-service attacks. In Proceedings of the annual conference on USENIX Annual Technical Conference, pages 10--10. USENIX Association, 2005.

Digital Library

[5]

J.-Y. L. Boudec. Rate adaptation, congestion control and fairness: A tutorial, EPFL, December 2000.

[6]

Y. Chen, K. Hwang, and W.-S. Ku. Collaborative detection of DDoS attacks over multiple network domains. IEEE Trans. Parallel Distrib. Syst., 18(12): 1649--1662, 2007.

Digital Library

[7]

F. Chung and L. Lu. The average distances in random graphs with given expected degrees. Internet Mathematics, 1: 15879--15882, 2002.

[8]

D. Estrin, J. Mogul, and G. Tsudik. Visa protocols for controlling interorganizational datagram flow. Selected Areas in Communications, IEEE Journal on, 7(4): 486--498, May 1989.

Digital Library

[9]

M. Faloutsos, P. Faloutsos, and C. Faloutsos. On power-law relationships of the internet topology. In SIGCOMM '99, pages 251--262. ACM, 1999.

Digital Library

[10]

Z. Fu, M. Papatriantafilou, and P. Tsigas. Mitigating distributed denial of service attacks in multiparty applications in the presence of clock drifts. In Proceedings of IEEE SRDS, pages 63--72. IEEE Computer Society, 2008.

Digital Library

[11]

Z. Fu, M. Papatriantafilou, and P. Tsigas. CluB: A cluster based method for mitigating distributed denial of service attacks, Technical Report 2009--09, Chalmers University of Technology, 2009. www.cse.chalmers.se/~zhafu/CluB.pdf.

[12]

Z. Fu, M. Papatriantafilou, P. Tsigas, and W. Wei. Mitigating denial of capability attacks using sink tree based quota allocation. In Proceedings of SAC 2010, pages 713--718. ACM, 2010.

Digital Library

[13]

Y.-C. Hu, A. Perrig, and M. Sirbu. Spv: secure path vector routing for securing bgp. In SIGCOMM '04, pages 179--192. ACM, 2004.

Digital Library

[14]

A. D. Keromytis, V. Misra, and D. Rubenstein. SOS: secure overlay services. SIGCOMM Comput. Commun. Rev., 32(4): 61--72, 2002.

Digital Library

[15]

X. Liu, X. Yang, and Y. Lu. To filter or to authorize: network-layer DoS defense against multimillion-node botnets. In SIGCOMM '08, pages 195--206. ACM, 2008.

Digital Library

[16]

R. Mahajan, S. M. Bellovin, S. Floyd, J. Ioannidis, V. Paxson, and S. Shenker. Controlling high bandwidth aggregates in the network. SIGCOMM Comput. Commun. Rev., 32(3): 62--73, 2002.

Digital Library

[17]

A. B. I. M. Mitzenmacher. Network applications of bloom filters: A survey. In Internet Mathematics, pages 636--646, 2002.

[18]

B. Parno, D. Wendlandt, E. Shi, A. Perrig, B. Maggs, and Y.-C. Hu. Portcullis: protecting connection setup from denial-of-capability attacks. In SIGCOMM '07, pages 289--300. ACM, 2007.

Digital Library

[19]

B. Raghavan and A. C. Snoeren. A system for authenticated policy-compliant routing. SIGCOMM Comput. Commun. Rev., 34(4): 167--178, 2004.

Digital Library

[20]

S. Savage, D. Wetherall, A. Karlin, and T. Anderson. Practical network support for ip traceback. SIGCOMM Comput. Commun. Rev., 30(4): 295--306, 2000.

Digital Library

[21]

D. X. Song and A. Perrig. Advanced and authenticated marking schemes for ip traceback. In IEEE INFOCOM 2001., volume 2, pages 878--886 vol. 2, 2001.

[22]

A. Stavrou and A. D. Keromytis. Countering dos attacks with stateless multipath overlays. In Proceedings of ACM CCS, pages 249--259, New York, NY, USA, 2005. ACM.

Digital Library

[23]

A. Yaar, A. Perrig, and D. Song. SIFF: A stateless internet flow filter to mitigate DDoS flooding attacks. IEEE Security and Privacy Symposium, page 130, 2004.

[24]

X. Yang, D. Wetherall, and T. Anderson. A DoS-limiting network architecture. In SIGCOMM '05, pages 241--252. ACM, 2005.

Digital Library

Cited By

Zhu YGaba GAlmansour FAlroobaea RMasud M(2021)Application of data mining technology in detecting network intrusion and security maintenanceJournal of Intelligent Systems10.1515/jisys-2020-014630:1(664-676)Online publication date: 5-May-2021
https://doi.org/10.1515/jisys-2020-0146
Dhaliwal SNahid AAbbas R(2018)Effective Intrusion Detection System Using XGBoostInformation10.3390/info90701499:7(149)Online publication date: 21-Jun-2018
https://doi.org/10.3390/info9070149
Cardigliano ADeri LLundstrom T(2016)Commoditising DDoS mitigation2016 International Wireless Communications and Mobile Computing Conference (IWCMC)10.1109/IWCMC.2016.7577112(523-528)Online publication date: Sep-2016
https://doi.org/10.1109/IWCMC.2016.7577112
Show More Cited By

Index Terms

CluB: a cluster based framework for mitigating distributed denial of service attacks
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks
  1. Network protocols

Recommendations

Machine learning combating DOS and DDOS attacks

In recent years, technology is booming at a breakneck speed as so the need of security. Vulnerabilities in the layers of the OSI model and the networks are paving new ways for intruders and hackers to steal the confidential information. Security attacks ...
The Denial-of-Service Dance

By understanding the types of attacks available to an adversary, we can develop more effective defenses against them. A taxonomy of denial-of-service attacks based on a dance-hall metaphor is a step toward gaining such an understanding.
Denial of service attacks, defences and research challenges

This paper presents a review of current denial of service (DoS) attack and defence concepts, from a theoretical ad practical point of view. Seriousness of DoS attacks is tangible and they present one of the most significant threats to assurance of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SAC '11: Proceedings of the 2011 ACM Symposium on Applied Computing

March 2011

1868 pages

ISBN:9781450301138

DOI:10.1145/1982185

Conference Chairs:
William Chu
Tunghai University, TaiChung, Taiwan
,
W. Eric Wong
University of Texas at Dallas, Richardson, Texas
,
Program Chairs:
Mathew J. Palakal
Indiana University Purdue University, Indianapolis
,
Chih-Cheng Hung
Southern Polytechnic State University, Marietta

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGAPP: ACM Special Interest Group on Applied Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 March 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Seventh Framework Programme

Conference

SAC'11

Sponsor:

SIGAPP

SAC'11: The 2011 ACM Symposium on Applied Computing

March 21 - 24, 2011

TaiChung, Taiwan

Acceptance Rates

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Upcoming Conference

SAC '25

Sponsor:
sigapp

The 40th ACM/SIGAPP Symposium on Applied Computing

March 31 - April 4, 2025

Catania , Italy

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
253
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhu YGaba GAlmansour FAlroobaea RMasud M(2021)Application of data mining technology in detecting network intrusion and security maintenanceJournal of Intelligent Systems10.1515/jisys-2020-014630:1(664-676)Online publication date: 5-May-2021
https://doi.org/10.1515/jisys-2020-0146
Dhaliwal SNahid AAbbas R(2018)Effective Intrusion Detection System Using XGBoostInformation10.3390/info90701499:7(149)Online publication date: 21-Jun-2018
https://doi.org/10.3390/info9070149
Cardigliano ADeri LLundstrom T(2016)Commoditising DDoS mitigation2016 International Wireless Communications and Mobile Computing Conference (IWCMC)10.1109/IWCMC.2016.7577112(523-528)Online publication date: Sep-2016
https://doi.org/10.1109/IWCMC.2016.7577112
Casey WMorales JNguyen TSpring JWeaver RWright EMetcalf LMishra B(2014)Cyber Security via Signaling GamesProceedings of the 10th International Conference on Distributed Computing and Internet Technology - Volume 833710.1007/978-3-319-04483-5_4(34-42)Online publication date: 6-Feb-2014
https://dl.acm.org/doi/10.1007/978-3-319-04483-5_4
Callau-Zori MJiménez-Peris RGulisano VPapatriantafilou MFu ZPatiño-Martínez MShin SMaldonado J(2013)STONEProceedings of the 28th Annual ACM Symposium on Applied Computing10.1145/2480362.2480517(807-812)Online publication date: 18-Mar-2013
https://dl.acm.org/doi/10.1145/2480362.2480517
Almgren MFu ZJonsson EKleberger PLarsson AMoradi FOlovsson TPapatriantafilou MPirzadeh LTsigas P(2011)Mapping Systems Security Research at ChalmersProceedings of the 2011 First SysSec Workshop10.1109/SysSec.2011.22(67-70)Online publication date: 6-Jul-2011
https://dl.acm.org/doi/10.1109/SysSec.2011.22

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten