Internet Archive Scholar

An empirical analysis of target-resident dos filters

M. Collins, M.K. Reiter
IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.5 MB)
https://web.archive.org/web/20170812221325/http://www.cs.unc.edu/~reiter/papers/2004/SP.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.

Numerous techniques have been proposed by which an end-system, subjected to a denial-of-service flood, filters the offending traffic. In this paper, we provide an empirical analysis of several such proposals, using traffic recorded at the border of a large network and including real DoS traffic. We focus our analysis on four filtering techniques, two based on the addresses from which the victim server typically receives traffic (static clustering and network-aware clustering), and two based on
more » ... oarse indications of the path each packet traverses (hop-count filtering and path identifiers). Our analysis reveals challenges facing the proposed techniques in practice, and the implications of these issues for effective filtering. In addition, we compare techniques on equal footing, by evaluating the performance of one scheme under assumptions made by another. We conclude with an interpretation of the results and suggestions for further analysis.
doi:10.1109/secpri.2004.1301318 dblp:conf/sp/CollinsR04 fatcat:ab7btvvstzf5ldpssrziutsgq4
Citation

M. Collins, M.K. Reiter. "An empirical analysis of target-resident dos filters." IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004 103-114