12,000

We have over 12,000 students, from over 100 countries, within one of the safest campuses in the UK

93%

93% of Lancaster students go into work or further study within six months of graduating

Home > Research > Publications & Outputs > Identifying Legitimate Clients under Distribute...
View graph of relations

« Back

Identifying Legitimate Clients under Distributed Denial-of-Service Attacks

Research output: Contribution in Book/Report/ProceedingsPaper

Published

Publication date1/09/2010
Host publication4th International Conference on Network and System Security (NSS), 2010
PublisherIEEE
Pages365-370
Number of pages6
ISBN (Print)978-1-4244-8484-3
Original languageEnglish

Conference

Conference4th International Conference on Network and System Security (NSS 2010)
CityMelbourne, Australia
Period1/09/103/09/10

Conference

Conference4th International Conference on Network and System Security (NSS 2010)
CityMelbourne, Australia
Period1/09/103/09/10

Abstract

Distributed Denial of Service (DDoS) attacks are a persistent, current, and very real threat to networks. Expanding upon a flexible distributed framework for network remediation utilising multiple strategies, we examine a novel fusion of methods to maximise throughput from legitimate clients and minimise the impact from attackers. The basic approach is to build up a whitelist of likely legitimate clients by observing outgoing traffic, presenting a challenge though proof-of-work, and providing flow cookies. Traffic that does not match the expected profile is likely attack traffic, and can be heavily filtered during attack conditions. After we incrementally develop this approach, we explore the positive and negative impacts of this approach upon the network and analyse potential countermeasures.

Related projects