• Publications
  • Influence
Attacking DDoS at the source
Distributed denial-of-service (DDoS) attacks present an Internet-wide threat. We propose D-WARD, a DDoS defense system deployed at source-end networks that autonomously detects and stops attacksExpand
  • 507
  • 24
  • PDF
SAVE: source address validity enforcement protocol
Forcing all IP packets to carry correct source addresses can greatly help network security, attack tracing, and network problem debugging. However, due to asymmetries in today's Internet routing,Expand
  • 293
  • 18
  • PDF
Incrementality and Prediction in Human Sentence Processing
We identify a number of principles with respect to prediction that, we argue, underpin adult language comprehension: (a) comprehension consists in realizing a mapping between the unfolding sentenceExpand
  • 231
  • 15
  • PDF
D-WARD: a source-end defense against flooding denial-of-service attacks
Defenses against flooding distributed denial-of-service (DDoS) commonly respond to the attack by dropping the excess traffic, thus reducing the overload at the victim. The major challenge is theExpand
  • 207
  • 12
  • PDF
Modeling Human Behavior for Defense Against Flash-Crowd Attacks
Flash-crowd attacks are the most vicious form of distributed denial of service (DDoS). They flood the victim with service requests generated from numerous bots. Attack requests are identical inExpand
  • 118
  • 10
  • PDF
D-ward: source-end defense against distributed denial-of-service attacks
Distributed denial-of-service (DDoS) attacks are a grave and challenging problem. Perpetration requires little effort on the attacker's side, since a vast number of insecure machines provides fertileExpand
  • 82
  • 8
A Framework for a Collaborative DDoS Defense
Increasing use of the Internet for critical services makes flooding distributed denial-of-service (DDoS) a top security threat. A distributed nature of DDoS suggests that a distributed mechanism isExpand
  • 95
  • 6
  • PDF
Building accountability into the future Internet
This paper proposes a future Internet architecture whose security foundations prevent todaypsilas major threats - IP spoofing, distributed denial-of-service attacks, distributed scanning andExpand
  • 29
  • 6
  • PDF
Distributed worm simulation with a realistic Internet model
Internet worm spread is a phenomenon involving millions of hosts, who interact in complex and diverse environment. Scanning speed of each infected host depends on its resources and the defenses atExpand
  • 56
  • 5
  • PDF
Profiling and Clustering Internet Hosts
Identifying groups of Internet hosts with a similar behavior is very useful for many applications of Internet security control, such as DDoS defense, worm and virus detection, detection of botnets,Expand
  • 57
  • 5
  • PDF