Steve, H., Jun, D.: Understanding network concepts in modules. Rouse, M.: ICANN (Internet Corporation for Assigned Names and Numbers) (2016). Rekhter, Y., Li, T.: A border gateway protocol 4 (BGP-4). Parno, B., Wendlandt, D., Shi, E., Perrig, A., Maggs, B., Hu, Y.C.: Portcullis: protecting connection setup from denial-of-capability attacks. Morone, F., Makse, H.A.: Influence maximization in complex networks through optimal percolation. In: IEEE International Conference on Distributed Computing Systems (2010) Lee, S.B., Gligor, V.D.: Floc : dependable link access for legitimate traffic in flooding attacks. Kitsak, M., et al.: Identification of influential spreaders in complex networks. Kim, Y., Lau, W.C., Chuah, M.C., Chao, H.J.: Packetscore: a statistics-based packet filtering scheme against distributed denial-of-service attacks. Kim, T.H.J., Basescu, C., Jia, L., Lee, S.B., Hu, Y.C., Perrig, A.: Lightweight source authentication and path validation. Kang, M.S., Lee, S.B., Gligor, V.D.: The crossfire attack. Kalkan, K., Alagöz, F.: A distributed filtering mechanism against DDoS attacks. Heer, H.: Host identity protocol certificates draft-ietf-hip-cert-12. Godfrey, P., Ganichev, I., Shenker, S., Stoica, I.: Pathlet routing. 2(1), 113–120 (1972)Įstrada, E., Rodriguez-Velazquez, J.A.: Subgraph centrality in complex networks. 5(5), 675–689 (2002)īonacich, P.: Factoring and weighting approaches to status scores and clique identification. In: Proceedings NDSS, San Diego, February 2016īennett, J.C.R., Zhang, H.: Hierarchical packet fair queueing algorithms. In: Proceedings of the ACM SIGCOMM 2008 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, Seattle, 17–22, August 2008īasescu, C., et al.: SIBRA: scalable internet bandwidth reservation architecture. Īndersen, D.G., Balakrishnan, H., Feamster, N., Koponen, T., Shenker, S.: Accountable internet protocol (aip). ĭDoS attacks rise in intensity, sophistication and volume, September 2020. ĪWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever, June 2020. assignments/as-numbers/as-numbers.xhtmlīene: A python network simulator (2017). KeywordsĪutonomous system numbers (2016). Finally, through network experiments, we evaluate FIBA can realize user-level DDoS protection even in 90%-contaminated domain. Our scheme is integrated with existing methods and can be optionally deployed by source domains. Moreover, FIBA can establish hierarchical channels for capability requesting packets to realize the isolation of traffic from the same source domain. FIBA enables source domains to locally differentiate the capability requests by state measuring according to two attributing factors. In this paper, we present FIBA, an intra-domain bandwidth allocation mechanism with fine-grained accessing control granularity. However, previous capability-based techniques are insufficient to provide accurate protection towards legitimate users of contaminated domains. Multiple bandwidth reservation mechanisms based on network capability have been proposed to resolve Distributed Denial of Service (DDoS) attacks towards the transit-link.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |