مقاله انگلیسی رایگان در مورد تشخیص و کاهش حملات link-flooding – الزویر 2018

 

مشخصات مقاله
ترجمه عنوان مقاله Woodpecker: تشخیص و کاهش حملات link-flooding از طریق شبکه نرم افزار محور
عنوان انگلیسی مقاله Woodpecker: Detecting and mitigating link-flooding attacks via SDN
انتشار مقاله سال 2018
تعداد صفحات مقاله انگلیسی 17 صفحه
هزینه دانلود مقاله انگلیسی رایگان میباشد.
پایگاه داده نشریه الزویر
نوع نگارش مقاله
مقاله پژوهشی (Research Article)
مقاله بیس این مقاله بیس میباشد
نمایه (index) Scopus – Master Journal List – JCR
نوع مقاله ISI
فرمت مقاله انگلیسی  PDF
ایمپکت فاکتور(IF)
3.092 در سال 2017
شاخص H_index 113 در سال 2019
شاخص SJR 0.5 در سال 2019
شناسه ISSN 1389-1286
شاخص Quartile (چارک) Q2 در سال 2019
رشته های مرتبط مهندسی کامپیوتر، فناوری اطلاعات
گرایش های مرتبط امنیت اطلاعات، شبکه های کامپیوتری
نوع ارائه مقاله
ژورنال
مجله  شبکه های کامپیوتری – Computer Networks
دانشگاه  Graduate School at Shenzhen – Tsinghua University – Shenzhen – China
کلمات کلیدی حمله Link-flooding، شبکه های تعریف شده توسط نرم افزار، DDoS
کلمات کلیدی انگلیسی Link-flooding Attack، DDoS، Software-Defined Networking
شناسه دیجیتال – doi
https://doi.org/10.1016/j.comnet.2018.09.021
کد محصول  E10652
وضعیت ترجمه مقاله  ترجمه آماده این مقاله موجود نمیباشد. میتوانید از طریق دکمه پایین سفارش دهید.
دانلود رایگان مقاله دانلود رایگان مقاله انگلیسی
سفارش ترجمه این مقاله سفارش ترجمه این مقاله

 

فهرست مطالب مقاله:
Abstract

1- Introduction

2- Related work

3- Threat model

4- Woodpecker design overview

5- Optimal upgrade nodes selection policy

6- Congestion location and attack detection

7- LFA defense measures

8- Evaluation

9- Conclusion and future work

References

بخشی از متن مقاله:

Abstract

Link-flooding attack (LFA), as a new type of DDoS attack, can degrade or even cut off network connectivity of a target area. This attack employs legitimate, low-density flows to flood a group of selected links. Therefore, these malicious flows can hardly be distinguished by traditional defense technologies. In our scheme, we first select M routers and upgrade them into SDN switches to maximize the network connectivity. Then, we propose a proactive probe approach to rapidly locate the congested links. Next, our scheme employs a global judgment algorithm to determine whether the network is under LFA or not. Finally, Woodpecker employs the core defense measure that based on the centralized traffic engineering to make the traffic balanced and eliminate the routing bottlenecks that are likely to be utilized by the adversary. We evaluate our scheme through comprehensive experiments. The results show that the bandwidth utilization of LFA-attacked links can be reduced by around 50% and that the average packet loss rate and jitter can be effectively decreased under LFA attacks.

Introduction

Recently, distributed denial of service (DDoS) attacks are the biggest threat to the availability of networks, applications and cloud services. The adversary generally ex5 plores resource asymmetry between the bots and victim servers, and abuses vulnerabilities of many network protocols to launch DDoS attacks [1, 2]. Many effective approaches have been proposed to detect and defend against the DDoS attacks, including Pushback [3], Ingress filter 10 [4], PacketScore [5] and so forth. These methods all need to identify malicious traffic in advance, but this operation is very difficult for link-flooding attack (LFA) — a new type of DDoS attack. Different from the traditional DDoS attacks, LFA floods 15 a well-chosen group of links to cut off the network connections of a target area, instead of attacking the target servers directly. To this end, the adversary first detects the paths from bots to the public servers and constructs a link map accordingly. Then, the adversary floods the 20 selected links by employing a large number of bots to send legitimate, low-density flows to the certain public servers. In this way, these congested links will severely degrade or even cut off the network connections of the target area. We show a simple example of LFA in Figure 1. 25 Over the last few years, LFA has quickly moved from the realm of academic curiosity [6, 7] to real-world incidents. We have already witnessed the real-life demonstration of LFA in the core of the Internet [8, 9]. The target areas of these attacks include internet exchange points, enterprises 30 and campus. Worth still, such an attack may be more frequent and massive due to inability to resist in reality. LFA typically has two remarkable characteristics. Undetectablity: The target area is not directly attacked. Thus the servers in the target area cannot perceive any 35 suspicious traffic. Indistinguishability: The adversary usually employs legitimate, low-rate flows with real IP addresses. Consequently, it is difficult to distinguish malicious flows from legitimate ones.

دیدگاهتان را بنویسید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *

دکمه بازگشت به بالا