Learn More
This article presents a survey of denial of service attacks and the methods that have been proposed for defense against these attacks. In this survey, we analyze the design decisions in the Internet that have created the potential for denial of service attacks. We review the state-of-art mechanisms for defending against denial of service attacks, compare(More)
In this paper, we introduce a practical scheme to defend against Distributed Denial of Service (DDoS) attacks based on IP source address filtering. The edge router keeps a history of all the legitimate IP addresses which have previously appeared in the network. When the edge router is overloaded, this history is used to decide whether to admit an incoming(More)
In this paper, we propose a simple but robust scheme to detect denial of service attacks (including distributed denial of service attacks) by monitoring the increase of new IP addresses. Unlike previous proposals for bandwidth attack detection schemes which are based on monitoring the traffic volume, our scheme is very effective for highly distributed(More)
In this paper, we propose a simple but robust scheme to detect denial of service attacks (including distributed denial of service attacks) by monitoring the increase of new IP addresses. Unlike previous proposals for bandwidth attack detection schemes which are based on monitoring the traffic volume, our scheme is very effective for highly distributed(More)
The Denial of Service attack, especially the Distributed Denial of Service (DDoS) attack, has become one of the major threats to the Internet. Generally, attackers launch DDoS attacks by directing a massive number of attack sources to send useless traffic to the victim. The victim’s services are disrupted when its host or network resources are occupied by(More)
In this paper, we present a distributed approach to detecting a type of distributed denial of service attack known as reflector attacks. In our approach, every potential reflector monitors the incoming packets and broadcasts a warning message to other potential reflectors if any abnormal traffic is observed. The warning message contains a description of the(More)
In this paper, we present an information sharing model for distributed intrusion detection systems. The typical challenges faced by distributed intrusion detection systems is what information to share and how to share information. We address these problems by using the Cumulative Sum algorithm to collect statistics at each local system, and use a machine(More)
Millions of users divulge their personal information on phishing web sites, which causes over a billion dollars loss every year. Phishing domain take-down is the most promising approach to address this security issue, since there will be nothing there for a misled user to see if the fraudulent website has been removed completely. A key part of the take-down(More)