Skip to main content
Article thumbnail
Location of Repository

Proactive server roaming for mitigating denial-of-service attacks

By Sherif M. Khattab, Chatree Sangpachatanaruks, Rami Melhem and Daniel Mosse

Abstract

Absrrac&We propose a framework based on proactive server roaming to mitigate the of Denial-of-Sewice 00s) ana*. The active sewer proactively changes its location within a pool of sewers to defend against unpredictable and undeteetable attacks. Only legitimate clients can fouow the adve as it mams. We present algorithms that are secure, distributed, randomized, and adaptive for triggering the roaming and determining the next sewer to roam to. We propose some modifications to the state recovery process of existing TCP connection-migration schemes to suit roaming. Preliminary experiments in a FreeBSD network show that the overhead of roaming is smak in of reSDonse time, in the absence of attacks. Further. during an attac< roaming signilicantly improves the response time. Index Terms-Network Security, DOS Attaek Mitigation I

Year: 2003
OAI identifier: oai:CiteSeerX.psu:10.1.1.134.8959
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.cs.pitt.edu/~melhem... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.