Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Preventing Distributed Denial-of-Service Flooding Attacks with Dynamic Path Identifiers
School of Computer Science and Engineering, Beihang University, Beijing.
Huawei Technologies.
School of Electronic and Information Engineering, Beijing Jiaotong University.
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.ORCID iD: 0000-0003-1902-9877
2017 (English)In: IEEE Transactions on Information Forensics and Security, ISSN 1556-6013, E-ISSN 1556-6021Article in journal (Refereed) Epub ahead of print
Abstract [en]

In recent years, there are increasing interests in using path identifiers (PIDs) as inter-domain routing objects. However, the PIDs used in existing approaches are static, which makes it easy for attackers to launch distributed denial-ofservice (DDoS) flooding attacks. To address this issue, in this paper, we present the design, implementation, and evaluation of D-PID, a framework that uses PIDs negotiated between neighboring domains as inter-domain routing objects. In DPID, the PID of an inter-domain path connecting two domains is kept secret and changes dynamically. We describe in detail how neighboring domains negotiate PIDs, how to maintain ongoing communications when PIDs change. We build a 42-node prototype comprised by six domains to verify D-PID’s feasibility and conduct extensive simulations to evaluate its effectiveness and cost. The results from both simulations and experiments show that D-PID can effectively prevent DDoS attacks.

Place, publisher, year, edition, pages
2017.
National Category
Media and Communication Technology
Research subject
Mobile and Pervasive Computing
Identifiers
URN: urn:nbn:se:ltu:diva-62856DOI: 10.1109/TIFS.2017.2688414OAI: oai:DiVA.org:ltu-62856DiVA: diva2:1086513
Available from: 2017-04-03 Created: 2017-04-03 Last updated: 2017-04-07

Open Access in DiVA

No full text

Other links

Publisher's full text

Search in DiVA

By author/editor
Vasilakos, Athanasios
By organisation
Computer Science
In the same journal
IEEE Transactions on Information Forensics and Security
Media and Communication Technology

Search outside of DiVA

GoogleGoogle Scholar

Altmetric score

CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf