R. Biswas and J. Wu, “Filter Assignment Policy Against Distributed Denial-of-Service Attack,” 2018 IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS), Singapore, Singapore, 2018, pp. 537-544, doi: 10.1109/PADSW.2018.8644584.

Title:  Filter Assignment Policy Against Distributed Denial-of-Service Attack



A denial-of-service (DoS) attack is a cyber-attack in which the attacker sends out a huge number of requests to exhaust the capacity of a server, so that it can no longer serve incoming requests and DoS occurs. The most devastating distributed DoS attack is performed by malicious programs called bots. With the help of a special type of router called filter router, the victim can protect itself and reduce useless congestion in the network. A server can send out filters to filter routers for blocking attack traffic. The victim needs to select a subset of filter routers wisely to minimize attack traffic and blockage of legitimate users (LUs). In this paper, we formulate two problems for selecting filter routers given a constraint on the number of filters. The first problem considers the source-based filter and we provide greedy approximation solutions. The second problem considers the destination-based filter and how to minimize total amount of attack traffic and blocked LUs. We propose a dynamic programming solution for the second problem. We present simulation results comparing the proposed solutions with a naive approach. Our simulation results strengthen support for our solutions.
Date of Conference: 11-13 Dec. 2018
Date Added to IEEE Xplore21 February 2019
ISBN Information:08644584
Print on Demand(PoD) ISSN: 1521-9097
INSPEC Accession Number: 18485231
Publisher: IEEE
Conference Location: Singapore, Singapore, Singapore

Leave a Comment

Your email address will not be published. Required fields are marked *