See this document in CiteSeerX!

LADS: Large-scale Automated DDoS detection System  (Make Corrections)  
Vyas Sekar, Nick Duffield, Oliver Spatscheck, Jacobus van der Merwe, Hui Zhang



  Home/Search   Context   Related

 
View or download:
cmu.edu/~vyass/papers/lads.pdf
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  cmu.edu/~hzhang...centpublication (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: Many Denial of Service attacks use brute-force bandwidth flooding of intended victims. Such volume-based attacks aggregate at a target's access router, suggesting that (i) detection and mitigation are best done by providers in their networks; and (ii) attacks are most readily detectable at access routers, where their impact is strongest. In-network detection presents a tension between scalability and accuracy. Specifically, accuracy of detection dictates fine grained traffic monitoring, but... (Update)

Active bibliography (related documents):   More   All
1.0:   Streams, Security and Scalability - Theodore Johnson Muthukrishnan (2005)   (Correct)
0.8:   Secure Distributed Data-Mining and Its Application to.. - Roughan, Zhang (2006)   (Correct)
0.5:   DoS: Fighting Fire with Fire - Michael Walfish Hari (2005)   (Correct)

Similar documents based on text:
0.0:   Unknown -   (Correct)

BibTeX entry:   (Update)

@misc{ sekar-lads,
  author = "Vyas Sekar and Nick Duffield and Oliver Spatscheck and Jacobus van der
    Merwe and Hui Zhang",
  title = "LADS: Large-scale Automated DDoS detection System",
  url = "citeseer.ist.psu.edu/752346.html" }
Citations (may not include all citations):
446   A Simple Network Management Protocol (context) - CASE, FEDOR et al. - 1990
148   Practical Network Support for IP Traceback - SAVAGE, WETHERALL et al. - 2000
113   Inferring Internet Denial-of-Service activity - MOORE, VOELKER et al. - 2001
98   SOS: Secure Overlay Services - KEROMYTIS, MISRA et al. - 2002
92   Controlling high bandwidth aggregates in the network - MAHAJAN, BELLOVIN et al. - 2002
70   Hash-Based IP Traceback - SNOEREN, PARTRIDGE et al. - 2001
57   Tracing Anonymous Packets to Their Approximate Source (context) - BURCH, CHESWICK - 2000
49   Flash crowds and denial of service attacks: Characterization.. - JUNG, KRISHNAMURTHY et al. - 2002
39   A Signal Analysis of Network Traffic Anomalies - BARFORD, KLINE et al. - 2002
36   MULTOPS: A Data-structure for Bandwidth Attack Detection - GIL, POLETTO - 2001
19   Aberrant Behavior Detection in Time Series for Network Monit.. (context) - BRUTLAG - 2000
16   Automatically Inferring Patterns of Resource Consumption in .. - ESTAN, SAVAGE et al. - 2003
14   A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms - MIRKOVIC, REIHER - 2004
11   Using Graphic Turing Tests to Counter Automated DDoS Attacks.. - MOREIN, STAVROU et al. - 2005
6   Experience Measuring Internet Backbone Traffic VariabilityMo.. - KALMANEK, YATES et al. - 2003
5   Diagnosing network-wide traffic anomalies - LAKHINA, CROVELLA et al. - 2004
5   sample less: Control of volume and variance in network measu.. (context) - DUFFIELD, LUND et al. - 2005
3   Botz-4-sale: Surviving organized ddos attacks that mimic fla.. (context) - KANDULA, KATABI et al. - 2005
3   Cisco Systems NetFlow Services Export Version (context) - CLAISE - 1990
2   On Scalable Attack Detection in the Network - KOMPELLA, SINGH et al. - 2004
2   Mining anomalies using traffic feature distributions (context) - LAKHINA, CROVELLA et al. - 2005
2   Network anomography - ZHANG, GE et al. - 2005
1   Reval: A Tool for Real-time Evaluation of DDoS Mitigation St.. (context) - VASUDEVAN, MAO et al. - 2006
1   The Zombie Roundup: Understanding (context) - COOKE, JAHANIAN et al. - 2005
1   ATMEN: a triggered network measurement infrastructure - KRISHNAMURTHY, MADHYASTHA et al. - 2005
1   node botnet (context) - SANDERS - 2005
1   Profiling internet backbone traffic: Behavior models and app.. (context) - XU, ZHANG et al. - 2005
1   A DoSlimiting Network Architecture (context) - YANG, WETHERALL et al. - 2005
1   Sparse Approximations for High-Fidelity Compression of Netwo.. - AIELLO, GILBERT et al. - 2005
1   A Wakeup Call for Internet Monitoring Systems: The Case for .. (context) - JAIN, HELLERSTEIN et al. - 2004
http://www.honeynet.org/papers/bots
http://www.cisco.com/en/US/
http://www.mazu.com
http://www.arbor.com

Documents on the same site (http://www.cs.cmu.edu/~hzhang/recentpublication.html):   More
Rethinking the Service Model: Scaling Ethernet to a Million.. - Myers, Ng, Zhang (2004)   (Correct)
Routing Design in Operational Networks: - Look From The   (Correct)
Data Streaming Algorithms for Estimating Entropy of - Network Traffic Ashwin   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC