A Lightweight Cooperative Detection Framework of DDOS/DOS Attacks Based on Counting Bloom Filter

Detection and trace-back of Distributed Denial of Service (DDoS/DoS) attacks have become a challenge for network security. In this paper, the authors propose a lightweight cooperative detection framework (CCBFF) based on counting bloom filter to detect and trace DDoS/DoS attack online. The CCBFF contains 2 counting bloom filters CBF1 and CBF2. The CBF1 distinguishes different network connection topology of a router by the "Options" field of IP-V4, encodes the existing DDoS/DoS attacks and all connected device's addresses and stored them. By querying the CBF1, the CBF2 recognizes suspicious packets, accumulates them and sends out super alerts to the victim.

Provided by: JATIT Topic: Security Date Added: Nov 2012 Format: PDF

Find By Topic