Author
S. Sanand
Bio: S. Sanand is an academic researcher from Indian Institute of Technology Madras. The author has contributed to research in topics: The Internet & DDoS mitigation. The author has an hindex of 1, co-authored 1 publications receiving 2 citations.
Papers
More filters
11 May 2010
TL;DR: The Path Attestation Scheme coupled with a metric called "Confidence Index" was able to successfully distinguish between malicious and genuine traffic, 85% of the time, and presupposes support from a fraction of routers in the path.
Abstract: DDoS mitigation schemes are increasingly becoming relevant in the Internet. The main hurdle faced by such schemes is the “nearly indistinguishable” line between malicious traffic and genuine traffic. It is best tackled with a paradigm shift in connection handling by attesting the path. We therefore propose the scheme called “Path Attestation Scheme” coupled with a metric called “Confidence Index” to tackle the problem of distinguishing malicious and genuine traffic in a progressive manner, with varying levels of certainty. We support our work through an experimental study to establish the stability of Internet topology by using 134 different global Internet paths over a period of 16 days. Our Path Attestation Scheme was able to successfully distinguish between malicious and genuine traffic, 85% of the time. The scheme presupposes support from a fraction of routers in the path.
3 citations
Cited by
More filters
TL;DR: Constraint programming is an emergent field in operations research that focuses on the constraints and variables domain rather than the objective functions and finds a feasible solution rather than optimization.
Abstract: A constraint is defined as a logical relation among several unknown quantities or variables, each taking a value in a given domain. Constraint Programming (CP) is an emergent field in operations research. Constraint programming is based on feasibility which means finding a feasible solution rather than optimization which means finding an optimal solution and focuses on the constraints and variables domain rather than the objective functions. While defining a set of constraints, this may seem a simple way to model a real-world problem but finding a good model that works well with a chosen solver is not that easy. A model could be very hard to solve if it is poorly chosen.
1 citations
TL;DR: In this article , the authors present an approach to develop and verify a method for modeling of network attacks either at server side or client side, and prove that the method enables one to design models resembling the same behaviour of attacks that support the detection process of selected network attacks and facilitate the application of countermeasures.
1 citations
TL;DR: This paper focuses on Distributed Denial of Service attack, surveys, classification and also proposed mitigation techniques revealed in literature by various researchers.
Abstract: Today most of the activities like trade, e-commerce are dependent on the availability of Internet. The growing use of internet services in the past few years have facilitated increase in distributed denial of service attack. Due to DDos attacks, caused by malicious hosts secured data communication over the internet is very difficult to achieve and is the need of the hour. DDos attacks are one of the most widely spread problems faced by most of the internet service providers (ISP’s). The work which had already been done was in the direction of detection, prevention and trace-back of DDos attack. Mitigation of these attacks has also gained an utmost importance in the present scenario. A number of techniques have been proposed by various researchers but those techniques produce high collateral Damage so more efforts are needed to be done in the area of mitigation of DDos attacks. This paper focuses on Distributed Denial of Service attack, surveys, classification and also proposed mitigation techniques revealed in literature by various researchers.